@raishin/vanguard-frontier-agentic 2.2.0 → 2.5.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (765) hide show
  1. package/.claude-plugin/marketplace.json +1 -1
  2. package/.claude-plugin/plugin.json +41 -1
  3. package/.cursor-plugin/plugin.json +41 -1
  4. package/.github/plugin/marketplace.json +1 -1
  5. package/README.md +48 -28
  6. package/agents/dotnet/README.md +57 -0
  7. package/agents/dotnet/dotnet-aspire-cloud-native-review-agent/AGENT.md +57 -0
  8. package/agents/dotnet/dotnet-aspire-cloud-native-review-agent/harnesses/claude-code.agent.md +41 -0
  9. package/agents/dotnet/dotnet-aspire-cloud-native-review-agent/harnesses/codex.toml +40 -0
  10. package/agents/dotnet/dotnet-aspire-cloud-native-review-agent/harnesses/copilot.agent.md +41 -0
  11. package/agents/dotnet/dotnet-aspire-cloud-native-review-agent/harnesses/cursor.agent.md +41 -0
  12. package/agents/dotnet/dotnet-aspire-cloud-native-review-agent/harnesses/gemini.agent.md +41 -0
  13. package/agents/dotnet/dotnet-aspire-cloud-native-review-agent/harnesses/kiro-cli.agent.json +5 -0
  14. package/agents/dotnet/dotnet-aspire-cloud-native-review-agent/harnesses/kiro-ide.agent.md +41 -0
  15. package/agents/dotnet/dotnet-aspire-cloud-native-review-agent/metadata.json +41 -0
  16. package/agents/dotnet/dotnet-aspnetcore-api-review-agent/AGENT.md +56 -0
  17. package/agents/dotnet/dotnet-aspnetcore-api-review-agent/harnesses/claude-code.agent.md +40 -0
  18. package/agents/dotnet/dotnet-aspnetcore-api-review-agent/harnesses/codex.toml +38 -0
  19. package/agents/dotnet/dotnet-aspnetcore-api-review-agent/harnesses/copilot.agent.md +40 -0
  20. package/agents/dotnet/dotnet-aspnetcore-api-review-agent/harnesses/cursor.agent.md +40 -0
  21. package/agents/dotnet/dotnet-aspnetcore-api-review-agent/harnesses/gemini.agent.md +40 -0
  22. package/agents/dotnet/dotnet-aspnetcore-api-review-agent/harnesses/kiro-cli.agent.json +5 -0
  23. package/agents/dotnet/dotnet-aspnetcore-api-review-agent/harnesses/kiro-ide.agent.md +40 -0
  24. package/agents/dotnet/dotnet-aspnetcore-api-review-agent/metadata.json +42 -0
  25. package/agents/dotnet/dotnet-aspnetcore-identity-authz-review-agent/AGENT.md +56 -0
  26. package/agents/dotnet/dotnet-aspnetcore-identity-authz-review-agent/harnesses/claude-code.agent.md +40 -0
  27. package/agents/dotnet/dotnet-aspnetcore-identity-authz-review-agent/harnesses/codex.toml +38 -0
  28. package/agents/dotnet/dotnet-aspnetcore-identity-authz-review-agent/harnesses/copilot.agent.md +40 -0
  29. package/agents/dotnet/dotnet-aspnetcore-identity-authz-review-agent/harnesses/cursor.agent.md +40 -0
  30. package/agents/dotnet/dotnet-aspnetcore-identity-authz-review-agent/harnesses/gemini.agent.md +40 -0
  31. package/agents/dotnet/dotnet-aspnetcore-identity-authz-review-agent/harnesses/kiro-cli.agent.json +5 -0
  32. package/agents/dotnet/dotnet-aspnetcore-identity-authz-review-agent/harnesses/kiro-ide.agent.md +40 -0
  33. package/agents/dotnet/dotnet-aspnetcore-identity-authz-review-agent/metadata.json +42 -0
  34. package/agents/dotnet/dotnet-csharp-runtime-review-agent/AGENT.md +56 -0
  35. package/agents/dotnet/dotnet-csharp-runtime-review-agent/harnesses/claude-code.agent.md +39 -0
  36. package/agents/dotnet/dotnet-csharp-runtime-review-agent/harnesses/codex.toml +39 -0
  37. package/agents/dotnet/dotnet-csharp-runtime-review-agent/harnesses/copilot.agent.md +39 -0
  38. package/agents/dotnet/dotnet-csharp-runtime-review-agent/harnesses/cursor.agent.md +39 -0
  39. package/agents/dotnet/dotnet-csharp-runtime-review-agent/harnesses/gemini.agent.md +39 -0
  40. package/agents/dotnet/dotnet-csharp-runtime-review-agent/harnesses/kiro-cli.agent.json +5 -0
  41. package/agents/dotnet/dotnet-csharp-runtime-review-agent/harnesses/kiro-ide.agent.md +39 -0
  42. package/agents/dotnet/dotnet-csharp-runtime-review-agent/metadata.json +42 -0
  43. package/agents/dotnet/dotnet-efcore-data-access-review-agent/AGENT.md +58 -0
  44. package/agents/dotnet/dotnet-efcore-data-access-review-agent/harnesses/claude-code.agent.md +42 -0
  45. package/agents/dotnet/dotnet-efcore-data-access-review-agent/harnesses/codex.toml +41 -0
  46. package/agents/dotnet/dotnet-efcore-data-access-review-agent/harnesses/copilot.agent.md +42 -0
  47. package/agents/dotnet/dotnet-efcore-data-access-review-agent/harnesses/cursor.agent.md +42 -0
  48. package/agents/dotnet/dotnet-efcore-data-access-review-agent/harnesses/gemini.agent.md +42 -0
  49. package/agents/dotnet/dotnet-efcore-data-access-review-agent/harnesses/kiro-cli.agent.json +5 -0
  50. package/agents/dotnet/dotnet-efcore-data-access-review-agent/harnesses/kiro-ide.agent.md +42 -0
  51. package/agents/dotnet/dotnet-efcore-data-access-review-agent/metadata.json +42 -0
  52. package/agents/dotnet/dotnet-maestro-agent/AGENT.md +53 -0
  53. package/agents/dotnet/dotnet-maestro-agent/harnesses/claude-code.agent.md +36 -0
  54. package/agents/dotnet/dotnet-maestro-agent/harnesses/codex.toml +40 -0
  55. package/agents/dotnet/dotnet-maestro-agent/harnesses/copilot.agent.md +36 -0
  56. package/agents/dotnet/dotnet-maestro-agent/harnesses/cursor.agent.md +36 -0
  57. package/agents/dotnet/dotnet-maestro-agent/harnesses/gemini.agent.md +36 -0
  58. package/agents/dotnet/dotnet-maestro-agent/harnesses/kiro-cli.agent.json +5 -0
  59. package/agents/dotnet/dotnet-maestro-agent/harnesses/kiro-ide.agent.md +36 -0
  60. package/agents/dotnet/dotnet-maestro-agent/metadata.json +40 -0
  61. package/agents/dotnet/dotnet-observability-otel-review-agent/AGENT.md +57 -0
  62. package/agents/dotnet/dotnet-observability-otel-review-agent/harnesses/claude-code.agent.md +41 -0
  63. package/agents/dotnet/dotnet-observability-otel-review-agent/harnesses/codex.toml +40 -0
  64. package/agents/dotnet/dotnet-observability-otel-review-agent/harnesses/copilot.agent.md +41 -0
  65. package/agents/dotnet/dotnet-observability-otel-review-agent/harnesses/cursor.agent.md +41 -0
  66. package/agents/dotnet/dotnet-observability-otel-review-agent/harnesses/gemini.agent.md +41 -0
  67. package/agents/dotnet/dotnet-observability-otel-review-agent/harnesses/kiro-cli.agent.json +5 -0
  68. package/agents/dotnet/dotnet-observability-otel-review-agent/harnesses/kiro-ide.agent.md +41 -0
  69. package/agents/dotnet/dotnet-observability-otel-review-agent/metadata.json +41 -0
  70. package/agents/dotnet/dotnet-performance-aot-review-agent/AGENT.md +56 -0
  71. package/agents/dotnet/dotnet-performance-aot-review-agent/harnesses/claude-code.agent.md +40 -0
  72. package/agents/dotnet/dotnet-performance-aot-review-agent/harnesses/codex.toml +39 -0
  73. package/agents/dotnet/dotnet-performance-aot-review-agent/harnesses/copilot.agent.md +40 -0
  74. package/agents/dotnet/dotnet-performance-aot-review-agent/harnesses/cursor.agent.md +40 -0
  75. package/agents/dotnet/dotnet-performance-aot-review-agent/harnesses/gemini.agent.md +40 -0
  76. package/agents/dotnet/dotnet-performance-aot-review-agent/harnesses/kiro-cli.agent.json +5 -0
  77. package/agents/dotnet/dotnet-performance-aot-review-agent/harnesses/kiro-ide.agent.md +40 -0
  78. package/agents/dotnet/dotnet-performance-aot-review-agent/metadata.json +41 -0
  79. package/agents/dotnet/dotnet-supply-chain-review-agent/AGENT.md +57 -0
  80. package/agents/dotnet/dotnet-supply-chain-review-agent/harnesses/claude-code.agent.md +41 -0
  81. package/agents/dotnet/dotnet-supply-chain-review-agent/harnesses/codex.toml +40 -0
  82. package/agents/dotnet/dotnet-supply-chain-review-agent/harnesses/copilot.agent.md +41 -0
  83. package/agents/dotnet/dotnet-supply-chain-review-agent/harnesses/cursor.agent.md +41 -0
  84. package/agents/dotnet/dotnet-supply-chain-review-agent/harnesses/gemini.agent.md +41 -0
  85. package/agents/dotnet/dotnet-supply-chain-review-agent/harnesses/kiro-cli.agent.json +5 -0
  86. package/agents/dotnet/dotnet-supply-chain-review-agent/harnesses/kiro-ide.agent.md +41 -0
  87. package/agents/dotnet/dotnet-supply-chain-review-agent/metadata.json +42 -0
  88. package/agents/dotnet/dotnet-testing-quality-review-agent/AGENT.md +56 -0
  89. package/agents/dotnet/dotnet-testing-quality-review-agent/harnesses/claude-code.agent.md +40 -0
  90. package/agents/dotnet/dotnet-testing-quality-review-agent/harnesses/codex.toml +39 -0
  91. package/agents/dotnet/dotnet-testing-quality-review-agent/harnesses/copilot.agent.md +40 -0
  92. package/agents/dotnet/dotnet-testing-quality-review-agent/harnesses/cursor.agent.md +40 -0
  93. package/agents/dotnet/dotnet-testing-quality-review-agent/harnesses/gemini.agent.md +40 -0
  94. package/agents/dotnet/dotnet-testing-quality-review-agent/harnesses/kiro-cli.agent.json +5 -0
  95. package/agents/dotnet/dotnet-testing-quality-review-agent/harnesses/kiro-ide.agent.md +40 -0
  96. package/agents/dotnet/dotnet-testing-quality-review-agent/metadata.json +41 -0
  97. package/agents/hetzner/README.md +1 -1
  98. package/agents/hr/hr-analytics-people-data-agent/metadata.json +3 -7
  99. package/agents/hr/hr-benefits-payroll-agent/metadata.json +3 -7
  100. package/agents/hr/hr-compensation-equity-agent/metadata.json +3 -7
  101. package/agents/hr/hr-culture-dei-agent/metadata.json +3 -7
  102. package/agents/hr/hr-employee-relations-agent/metadata.json +3 -7
  103. package/agents/hr/hr-hris-process-controls-agent/metadata.json +3 -7
  104. package/agents/hr/hr-learning-policy-agent/metadata.json +3 -7
  105. package/agents/hr/hr-leave-accommodation-agent/metadata.json +3 -7
  106. package/agents/hr/hr-maestro-agent/metadata.json +4 -8
  107. package/agents/hr/hr-performance-management-agent/metadata.json +3 -7
  108. package/agents/hr/hr-recruiting-selection-agent/metadata.json +3 -7
  109. package/agents/hr/hr-risk-triage-review-agent/metadata.json +3 -3
  110. package/agents/hr/hr-termination-readiness-agent/metadata.json +3 -7
  111. package/agents/hr/hr-workforce-planning-rif-agent/metadata.json +3 -7
  112. package/agents/hr/hr-workplace-investigations-agent/metadata.json +3 -7
  113. package/agents/legal/legal-contract-review-agent/metadata.json +3 -7
  114. package/agents/legal/legal-counsel-review-agent/metadata.json +3 -3
  115. package/agents/legal/legal-employment-law-risk-agent/metadata.json +4 -8
  116. package/agents/legal/legal-ethics-investigations-agent/metadata.json +3 -7
  117. package/agents/legal/legal-ip-open-source-agent/metadata.json +3 -7
  118. package/agents/legal/legal-knowledge-management-agent/metadata.json +3 -7
  119. package/agents/legal/legal-litigation-discovery-hold-agent/metadata.json +3 -7
  120. package/agents/legal/legal-maestro-agent/metadata.json +4 -8
  121. package/agents/legal/legal-policy-governance-agent/metadata.json +3 -7
  122. package/agents/legal/legal-privacy-data-protection-agent/metadata.json +3 -7
  123. package/agents/legal/legal-public-disclosure-agent/metadata.json +3 -7
  124. package/agents/legal/legal-regulatory-compliance-agent/metadata.json +3 -7
  125. package/agents/legal/legal-vendor-procurement-risk-agent/metadata.json +3 -7
  126. package/agents/oci/oci-devops-container-platform-engineer-agent/AGENT.md +1 -1
  127. package/agents/oci/oci-exadata-platform-architect-agent/AGENT.md +1 -1
  128. package/agents/oci/oci-multi-cloud-architect-agent/AGENT.md +1 -1
  129. package/agents/prometheus/README.md +1 -1
  130. package/agents/qa/playwright-e2e-suite-review-agent/AGENT.md +3 -3
  131. package/agents/qa/playwright-e2e-suite-review-agent/harnesses/claude-code.agent.md +3 -3
  132. package/agents/qa/playwright-e2e-suite-review-agent/harnesses/copilot.agent.md +3 -3
  133. package/agents/qa/playwright-e2e-suite-review-agent/harnesses/cursor.agent.md +3 -3
  134. package/agents/qa/playwright-e2e-suite-review-agent/harnesses/gemini.agent.md +3 -3
  135. package/agents/qa/playwright-e2e-suite-review-agent/harnesses/kiro-ide.agent.md +3 -3
  136. package/agents/salesforce/AGENTS.md +31 -0
  137. package/agents/salesforce/README.md +135 -0
  138. package/agents/salesforce/salesforce-adaptive-access-agent/AGENT.md +117 -0
  139. package/agents/salesforce/salesforce-adaptive-access-agent/LEAST-PRIVILEGES.md +91 -0
  140. package/agents/salesforce/salesforce-adaptive-access-agent/harnesses/claude-code.agent.md +69 -0
  141. package/agents/salesforce/salesforce-adaptive-access-agent/harnesses/codex.toml +30 -0
  142. package/agents/salesforce/salesforce-adaptive-access-agent/harnesses/copilot.agent.md +69 -0
  143. package/agents/salesforce/salesforce-adaptive-access-agent/harnesses/cursor.agent.md +69 -0
  144. package/agents/salesforce/salesforce-adaptive-access-agent/harnesses/gemini.agent.md +69 -0
  145. package/agents/salesforce/salesforce-adaptive-access-agent/harnesses/kiro-cli.agent.json +5 -0
  146. package/agents/salesforce/salesforce-adaptive-access-agent/harnesses/kiro-ide.agent.md +69 -0
  147. package/agents/salesforce/salesforce-adaptive-access-agent/metadata.json +30 -0
  148. package/agents/salesforce/salesforce-agentforce-ai-agent/AGENT.md +126 -0
  149. package/agents/salesforce/salesforce-agentforce-ai-agent/LEAST-PRIVILEGES.md +92 -0
  150. package/agents/salesforce/salesforce-agentforce-ai-agent/harnesses/claude-code.agent.md +81 -0
  151. package/agents/salesforce/salesforce-agentforce-ai-agent/harnesses/codex.toml +36 -0
  152. package/agents/salesforce/salesforce-agentforce-ai-agent/harnesses/copilot.agent.md +81 -0
  153. package/agents/salesforce/salesforce-agentforce-ai-agent/harnesses/cursor.agent.md +81 -0
  154. package/agents/salesforce/salesforce-agentforce-ai-agent/harnesses/gemini.agent.md +81 -0
  155. package/agents/salesforce/salesforce-agentforce-ai-agent/harnesses/kiro-cli.agent.json +5 -0
  156. package/agents/salesforce/salesforce-agentforce-ai-agent/harnesses/kiro-ide.agent.md +49 -0
  157. package/agents/salesforce/salesforce-agentforce-ai-agent/metadata.json +41 -0
  158. package/agents/salesforce/salesforce-analytics-tableau-agent/AGENT.md +119 -0
  159. package/agents/salesforce/salesforce-analytics-tableau-agent/LEAST-PRIVILEGES.md +81 -0
  160. package/agents/salesforce/salesforce-analytics-tableau-agent/harnesses/claude-code.agent.md +75 -0
  161. package/agents/salesforce/salesforce-analytics-tableau-agent/harnesses/codex.toml +35 -0
  162. package/agents/salesforce/salesforce-analytics-tableau-agent/harnesses/copilot.agent.md +75 -0
  163. package/agents/salesforce/salesforce-analytics-tableau-agent/harnesses/cursor.agent.md +75 -0
  164. package/agents/salesforce/salesforce-analytics-tableau-agent/harnesses/gemini.agent.md +75 -0
  165. package/agents/salesforce/salesforce-analytics-tableau-agent/harnesses/kiro-cli.agent.json +5 -0
  166. package/agents/salesforce/salesforce-analytics-tableau-agent/harnesses/kiro-ide.agent.md +45 -0
  167. package/agents/salesforce/salesforce-analytics-tableau-agent/metadata.json +41 -0
  168. package/agents/salesforce/salesforce-app-builder-automation-agent/AGENT.md +112 -0
  169. package/agents/salesforce/salesforce-app-builder-automation-agent/LEAST-PRIVILEGES.md +86 -0
  170. package/agents/salesforce/salesforce-app-builder-automation-agent/harnesses/claude-code.agent.md +50 -0
  171. package/agents/salesforce/salesforce-app-builder-automation-agent/harnesses/codex.toml +35 -0
  172. package/agents/salesforce/salesforce-app-builder-automation-agent/harnesses/copilot.agent.md +50 -0
  173. package/agents/salesforce/salesforce-app-builder-automation-agent/harnesses/cursor.agent.md +50 -0
  174. package/agents/salesforce/salesforce-app-builder-automation-agent/harnesses/gemini.agent.md +50 -0
  175. package/agents/salesforce/salesforce-app-builder-automation-agent/harnesses/kiro-cli.agent.json +5 -0
  176. package/agents/salesforce/salesforce-app-builder-automation-agent/harnesses/kiro-ide.agent.md +50 -0
  177. package/agents/salesforce/salesforce-app-builder-automation-agent/metadata.json +40 -0
  178. package/agents/salesforce/salesforce-business-analyst-agent/AGENT.md +110 -0
  179. package/agents/salesforce/salesforce-business-analyst-agent/LEAST-PRIVILEGES.md +89 -0
  180. package/agents/salesforce/salesforce-business-analyst-agent/harnesses/claude-code.agent.md +48 -0
  181. package/agents/salesforce/salesforce-business-analyst-agent/harnesses/codex.toml +35 -0
  182. package/agents/salesforce/salesforce-business-analyst-agent/harnesses/copilot.agent.md +48 -0
  183. package/agents/salesforce/salesforce-business-analyst-agent/harnesses/cursor.agent.md +48 -0
  184. package/agents/salesforce/salesforce-business-analyst-agent/harnesses/gemini.agent.md +48 -0
  185. package/agents/salesforce/salesforce-business-analyst-agent/harnesses/kiro-cli.agent.json +5 -0
  186. package/agents/salesforce/salesforce-business-analyst-agent/harnesses/kiro-ide.agent.md +48 -0
  187. package/agents/salesforce/salesforce-business-analyst-agent/metadata.json +40 -0
  188. package/agents/salesforce/salesforce-certificate-lifecycle-agent/AGENT.md +112 -0
  189. package/agents/salesforce/salesforce-certificate-lifecycle-agent/LEAST-PRIVILEGES.md +81 -0
  190. package/agents/salesforce/salesforce-certificate-lifecycle-agent/harnesses/claude-code.agent.md +66 -0
  191. package/agents/salesforce/salesforce-certificate-lifecycle-agent/harnesses/codex.toml +30 -0
  192. package/agents/salesforce/salesforce-certificate-lifecycle-agent/harnesses/copilot.agent.md +66 -0
  193. package/agents/salesforce/salesforce-certificate-lifecycle-agent/harnesses/cursor.agent.md +66 -0
  194. package/agents/salesforce/salesforce-certificate-lifecycle-agent/harnesses/gemini.agent.md +66 -0
  195. package/agents/salesforce/salesforce-certificate-lifecycle-agent/harnesses/kiro-cli.agent.json +5 -0
  196. package/agents/salesforce/salesforce-certificate-lifecycle-agent/harnesses/kiro-ide.agent.md +66 -0
  197. package/agents/salesforce/salesforce-certificate-lifecycle-agent/metadata.json +30 -0
  198. package/agents/salesforce/salesforce-change-impact-analyst-agent/AGENT.md +121 -0
  199. package/agents/salesforce/salesforce-change-impact-analyst-agent/LEAST-PRIVILEGES.md +87 -0
  200. package/agents/salesforce/salesforce-change-impact-analyst-agent/harnesses/claude-code.agent.md +74 -0
  201. package/agents/salesforce/salesforce-change-impact-analyst-agent/harnesses/codex.toml +30 -0
  202. package/agents/salesforce/salesforce-change-impact-analyst-agent/harnesses/copilot.agent.md +74 -0
  203. package/agents/salesforce/salesforce-change-impact-analyst-agent/harnesses/cursor.agent.md +74 -0
  204. package/agents/salesforce/salesforce-change-impact-analyst-agent/harnesses/gemini.agent.md +74 -0
  205. package/agents/salesforce/salesforce-change-impact-analyst-agent/harnesses/kiro-cli.agent.json +5 -0
  206. package/agents/salesforce/salesforce-change-impact-analyst-agent/harnesses/kiro-ide.agent.md +74 -0
  207. package/agents/salesforce/salesforce-change-impact-analyst-agent/metadata.json +30 -0
  208. package/agents/salesforce/salesforce-code-analyzer-orchestrator-agent/AGENT.md +119 -0
  209. package/agents/salesforce/salesforce-code-analyzer-orchestrator-agent/LEAST-PRIVILEGES.md +88 -0
  210. package/agents/salesforce/salesforce-code-analyzer-orchestrator-agent/harnesses/claude-code.agent.md +67 -0
  211. package/agents/salesforce/salesforce-code-analyzer-orchestrator-agent/harnesses/codex.toml +30 -0
  212. package/agents/salesforce/salesforce-code-analyzer-orchestrator-agent/harnesses/copilot.agent.md +67 -0
  213. package/agents/salesforce/salesforce-code-analyzer-orchestrator-agent/harnesses/cursor.agent.md +67 -0
  214. package/agents/salesforce/salesforce-code-analyzer-orchestrator-agent/harnesses/gemini.agent.md +67 -0
  215. package/agents/salesforce/salesforce-code-analyzer-orchestrator-agent/harnesses/kiro-cli.agent.json +5 -0
  216. package/agents/salesforce/salesforce-code-analyzer-orchestrator-agent/harnesses/kiro-ide.agent.md +67 -0
  217. package/agents/salesforce/salesforce-code-analyzer-orchestrator-agent/metadata.json +31 -0
  218. package/agents/salesforce/salesforce-compliance-privacy-agent/AGENT.md +130 -0
  219. package/agents/salesforce/salesforce-compliance-privacy-agent/LEAST-PRIVILEGES.md +85 -0
  220. package/agents/salesforce/salesforce-compliance-privacy-agent/harnesses/claude-code.agent.md +84 -0
  221. package/agents/salesforce/salesforce-compliance-privacy-agent/harnesses/codex.toml +36 -0
  222. package/agents/salesforce/salesforce-compliance-privacy-agent/harnesses/copilot.agent.md +84 -0
  223. package/agents/salesforce/salesforce-compliance-privacy-agent/harnesses/cursor.agent.md +84 -0
  224. package/agents/salesforce/salesforce-compliance-privacy-agent/harnesses/gemini.agent.md +84 -0
  225. package/agents/salesforce/salesforce-compliance-privacy-agent/harnesses/kiro-cli.agent.json +5 -0
  226. package/agents/salesforce/salesforce-compliance-privacy-agent/harnesses/kiro-ide.agent.md +49 -0
  227. package/agents/salesforce/salesforce-compliance-privacy-agent/metadata.json +41 -0
  228. package/agents/salesforce/salesforce-continuous-verification-agent/AGENT.md +113 -0
  229. package/agents/salesforce/salesforce-continuous-verification-agent/LEAST-PRIVILEGES.md +90 -0
  230. package/agents/salesforce/salesforce-continuous-verification-agent/harnesses/claude-code.agent.md +64 -0
  231. package/agents/salesforce/salesforce-continuous-verification-agent/harnesses/codex.toml +30 -0
  232. package/agents/salesforce/salesforce-continuous-verification-agent/harnesses/copilot.agent.md +64 -0
  233. package/agents/salesforce/salesforce-continuous-verification-agent/harnesses/cursor.agent.md +64 -0
  234. package/agents/salesforce/salesforce-continuous-verification-agent/harnesses/gemini.agent.md +64 -0
  235. package/agents/salesforce/salesforce-continuous-verification-agent/harnesses/kiro-cli.agent.json +5 -0
  236. package/agents/salesforce/salesforce-continuous-verification-agent/harnesses/kiro-ide.agent.md +64 -0
  237. package/agents/salesforce/salesforce-continuous-verification-agent/metadata.json +31 -0
  238. package/agents/salesforce/salesforce-data-architecture-agent/AGENT.md +113 -0
  239. package/agents/salesforce/salesforce-data-architecture-agent/LEAST-PRIVILEGES.md +92 -0
  240. package/agents/salesforce/salesforce-data-architecture-agent/harnesses/claude-code.agent.md +49 -0
  241. package/agents/salesforce/salesforce-data-architecture-agent/harnesses/codex.toml +35 -0
  242. package/agents/salesforce/salesforce-data-architecture-agent/harnesses/copilot.agent.md +49 -0
  243. package/agents/salesforce/salesforce-data-architecture-agent/harnesses/cursor.agent.md +49 -0
  244. package/agents/salesforce/salesforce-data-architecture-agent/harnesses/gemini.agent.md +49 -0
  245. package/agents/salesforce/salesforce-data-architecture-agent/harnesses/kiro-cli.agent.json +5 -0
  246. package/agents/salesforce/salesforce-data-architecture-agent/harnesses/kiro-ide.agent.md +49 -0
  247. package/agents/salesforce/salesforce-data-architecture-agent/metadata.json +40 -0
  248. package/agents/salesforce/salesforce-development-agent/AGENT.md +114 -0
  249. package/agents/salesforce/salesforce-development-agent/LEAST-PRIVILEGES.md +89 -0
  250. package/agents/salesforce/salesforce-development-agent/harnesses/claude-code.agent.md +50 -0
  251. package/agents/salesforce/salesforce-development-agent/harnesses/codex.toml +36 -0
  252. package/agents/salesforce/salesforce-development-agent/harnesses/copilot.agent.md +50 -0
  253. package/agents/salesforce/salesforce-development-agent/harnesses/cursor.agent.md +50 -0
  254. package/agents/salesforce/salesforce-development-agent/harnesses/gemini.agent.md +50 -0
  255. package/agents/salesforce/salesforce-development-agent/harnesses/kiro-cli.agent.json +5 -0
  256. package/agents/salesforce/salesforce-development-agent/harnesses/kiro-ide.agent.md +50 -0
  257. package/agents/salesforce/salesforce-development-agent/metadata.json +40 -0
  258. package/agents/salesforce/salesforce-devops-release-agent/AGENT.md +115 -0
  259. package/agents/salesforce/salesforce-devops-release-agent/LEAST-PRIVILEGES.md +90 -0
  260. package/agents/salesforce/salesforce-devops-release-agent/harnesses/claude-code.agent.md +51 -0
  261. package/agents/salesforce/salesforce-devops-release-agent/harnesses/codex.toml +35 -0
  262. package/agents/salesforce/salesforce-devops-release-agent/harnesses/copilot.agent.md +51 -0
  263. package/agents/salesforce/salesforce-devops-release-agent/harnesses/cursor.agent.md +51 -0
  264. package/agents/salesforce/salesforce-devops-release-agent/harnesses/gemini.agent.md +51 -0
  265. package/agents/salesforce/salesforce-devops-release-agent/harnesses/kiro-cli.agent.json +5 -0
  266. package/agents/salesforce/salesforce-devops-release-agent/harnesses/kiro-ide.agent.md +51 -0
  267. package/agents/salesforce/salesforce-devops-release-agent/metadata.json +40 -0
  268. package/agents/salesforce/salesforce-enterprise-architect-agent/AGENT.md +128 -0
  269. package/agents/salesforce/salesforce-enterprise-architect-agent/LEAST-PRIVILEGES.md +92 -0
  270. package/agents/salesforce/salesforce-enterprise-architect-agent/harnesses/claude-code.agent.md +81 -0
  271. package/agents/salesforce/salesforce-enterprise-architect-agent/harnesses/codex.toml +36 -0
  272. package/agents/salesforce/salesforce-enterprise-architect-agent/harnesses/copilot.agent.md +81 -0
  273. package/agents/salesforce/salesforce-enterprise-architect-agent/harnesses/cursor.agent.md +81 -0
  274. package/agents/salesforce/salesforce-enterprise-architect-agent/harnesses/gemini.agent.md +81 -0
  275. package/agents/salesforce/salesforce-enterprise-architect-agent/harnesses/kiro-cli.agent.json +5 -0
  276. package/agents/salesforce/salesforce-enterprise-architect-agent/harnesses/kiro-ide.agent.md +49 -0
  277. package/agents/salesforce/salesforce-enterprise-architect-agent/metadata.json +41 -0
  278. package/agents/salesforce/salesforce-experience-cloud-agent/AGENT.md +124 -0
  279. package/agents/salesforce/salesforce-experience-cloud-agent/LEAST-PRIVILEGES.md +80 -0
  280. package/agents/salesforce/salesforce-experience-cloud-agent/harnesses/claude-code.agent.md +79 -0
  281. package/agents/salesforce/salesforce-experience-cloud-agent/harnesses/codex.toml +35 -0
  282. package/agents/salesforce/salesforce-experience-cloud-agent/harnesses/copilot.agent.md +79 -0
  283. package/agents/salesforce/salesforce-experience-cloud-agent/harnesses/cursor.agent.md +79 -0
  284. package/agents/salesforce/salesforce-experience-cloud-agent/harnesses/gemini.agent.md +79 -0
  285. package/agents/salesforce/salesforce-experience-cloud-agent/harnesses/kiro-cli.agent.json +5 -0
  286. package/agents/salesforce/salesforce-experience-cloud-agent/harnesses/kiro-ide.agent.md +59 -0
  287. package/agents/salesforce/salesforce-experience-cloud-agent/metadata.json +40 -0
  288. package/agents/salesforce/salesforce-hyperforce-security-agent/AGENT.md +113 -0
  289. package/agents/salesforce/salesforce-hyperforce-security-agent/LEAST-PRIVILEGES.md +80 -0
  290. package/agents/salesforce/salesforce-hyperforce-security-agent/harnesses/claude-code.agent.md +72 -0
  291. package/agents/salesforce/salesforce-hyperforce-security-agent/harnesses/codex.toml +28 -0
  292. package/agents/salesforce/salesforce-hyperforce-security-agent/harnesses/copilot.agent.md +72 -0
  293. package/agents/salesforce/salesforce-hyperforce-security-agent/harnesses/cursor.agent.md +72 -0
  294. package/agents/salesforce/salesforce-hyperforce-security-agent/harnesses/gemini.agent.md +72 -0
  295. package/agents/salesforce/salesforce-hyperforce-security-agent/harnesses/kiro-cli.agent.json +5 -0
  296. package/agents/salesforce/salesforce-hyperforce-security-agent/harnesses/kiro-ide.agent.md +72 -0
  297. package/agents/salesforce/salesforce-hyperforce-security-agent/metadata.json +30 -0
  298. package/agents/salesforce/salesforce-industry-cloud-agent/AGENT.md +125 -0
  299. package/agents/salesforce/salesforce-industry-cloud-agent/LEAST-PRIVILEGES.md +88 -0
  300. package/agents/salesforce/salesforce-industry-cloud-agent/harnesses/claude-code.agent.md +80 -0
  301. package/agents/salesforce/salesforce-industry-cloud-agent/harnesses/codex.toml +41 -0
  302. package/agents/salesforce/salesforce-industry-cloud-agent/harnesses/copilot.agent.md +80 -0
  303. package/agents/salesforce/salesforce-industry-cloud-agent/harnesses/cursor.agent.md +80 -0
  304. package/agents/salesforce/salesforce-industry-cloud-agent/harnesses/gemini.agent.md +80 -0
  305. package/agents/salesforce/salesforce-industry-cloud-agent/harnesses/kiro-cli.agent.json +5 -0
  306. package/agents/salesforce/salesforce-industry-cloud-agent/harnesses/kiro-ide.agent.md +48 -0
  307. package/agents/salesforce/salesforce-industry-cloud-agent/metadata.json +42 -0
  308. package/agents/salesforce/salesforce-integration-mulesoft-agent/AGENT.md +115 -0
  309. package/agents/salesforce/salesforce-integration-mulesoft-agent/LEAST-PRIVILEGES.md +91 -0
  310. package/agents/salesforce/salesforce-integration-mulesoft-agent/harnesses/claude-code.agent.md +50 -0
  311. package/agents/salesforce/salesforce-integration-mulesoft-agent/harnesses/codex.toml +35 -0
  312. package/agents/salesforce/salesforce-integration-mulesoft-agent/harnesses/copilot.agent.md +50 -0
  313. package/agents/salesforce/salesforce-integration-mulesoft-agent/harnesses/cursor.agent.md +50 -0
  314. package/agents/salesforce/salesforce-integration-mulesoft-agent/harnesses/gemini.agent.md +50 -0
  315. package/agents/salesforce/salesforce-integration-mulesoft-agent/harnesses/kiro-cli.agent.json +5 -0
  316. package/agents/salesforce/salesforce-integration-mulesoft-agent/harnesses/kiro-ide.agent.md +50 -0
  317. package/agents/salesforce/salesforce-integration-mulesoft-agent/metadata.json +40 -0
  318. package/agents/salesforce/salesforce-live-guard-agent/AGENT.md +126 -0
  319. package/agents/salesforce/salesforce-live-guard-agent/LEAST-PRIVILEGES.md +100 -0
  320. package/agents/salesforce/salesforce-live-guard-agent/harnesses/claude-code.agent.md +85 -0
  321. package/agents/salesforce/salesforce-live-guard-agent/harnesses/codex.toml +50 -0
  322. package/agents/salesforce/salesforce-live-guard-agent/harnesses/copilot.agent.md +85 -0
  323. package/agents/salesforce/salesforce-live-guard-agent/harnesses/cursor.agent.md +85 -0
  324. package/agents/salesforce/salesforce-live-guard-agent/harnesses/gemini.agent.md +85 -0
  325. package/agents/salesforce/salesforce-live-guard-agent/harnesses/kiro-cli.agent.json +5 -0
  326. package/agents/salesforce/salesforce-live-guard-agent/harnesses/kiro-ide.agent.md +58 -0
  327. package/agents/salesforce/salesforce-live-guard-agent/metadata.json +39 -0
  328. package/agents/salesforce/salesforce-maestro-agent/AGENT.md +77 -0
  329. package/agents/salesforce/salesforce-maestro-agent/LEAST-PRIVILEGES.md +93 -0
  330. package/agents/salesforce/salesforce-maestro-agent/README.md +593 -0
  331. package/agents/salesforce/salesforce-maestro-agent/harnesses/claude-code.agent.md +65 -0
  332. package/agents/salesforce/salesforce-maestro-agent/harnesses/codex.toml +66 -0
  333. package/agents/salesforce/salesforce-maestro-agent/harnesses/copilot.agent.md +65 -0
  334. package/agents/salesforce/salesforce-maestro-agent/harnesses/cursor.agent.md +65 -0
  335. package/agents/salesforce/salesforce-maestro-agent/harnesses/gemini.agent.md +65 -0
  336. package/agents/salesforce/salesforce-maestro-agent/harnesses/kiro-cli.agent.json +5 -0
  337. package/agents/salesforce/salesforce-maestro-agent/harnesses/kiro-ide.agent.md +65 -0
  338. package/agents/salesforce/salesforce-maestro-agent/metadata.json +38 -0
  339. package/agents/salesforce/salesforce-marketing-cloud-agent/AGENT.md +124 -0
  340. package/agents/salesforce/salesforce-marketing-cloud-agent/LEAST-PRIVILEGES.md +86 -0
  341. package/agents/salesforce/salesforce-marketing-cloud-agent/harnesses/claude-code.agent.md +78 -0
  342. package/agents/salesforce/salesforce-marketing-cloud-agent/harnesses/codex.toml +34 -0
  343. package/agents/salesforce/salesforce-marketing-cloud-agent/harnesses/copilot.agent.md +78 -0
  344. package/agents/salesforce/salesforce-marketing-cloud-agent/harnesses/cursor.agent.md +78 -0
  345. package/agents/salesforce/salesforce-marketing-cloud-agent/harnesses/gemini.agent.md +78 -0
  346. package/agents/salesforce/salesforce-marketing-cloud-agent/harnesses/kiro-cli.agent.json +5 -0
  347. package/agents/salesforce/salesforce-marketing-cloud-agent/harnesses/kiro-ide.agent.md +48 -0
  348. package/agents/salesforce/salesforce-marketing-cloud-agent/metadata.json +41 -0
  349. package/agents/salesforce/salesforce-network-policy-architect-agent/AGENT.md +113 -0
  350. package/agents/salesforce/salesforce-network-policy-architect-agent/LEAST-PRIVILEGES.md +87 -0
  351. package/agents/salesforce/salesforce-network-policy-architect-agent/harnesses/claude-code.agent.md +72 -0
  352. package/agents/salesforce/salesforce-network-policy-architect-agent/harnesses/codex.toml +28 -0
  353. package/agents/salesforce/salesforce-network-policy-architect-agent/harnesses/copilot.agent.md +72 -0
  354. package/agents/salesforce/salesforce-network-policy-architect-agent/harnesses/cursor.agent.md +72 -0
  355. package/agents/salesforce/salesforce-network-policy-architect-agent/harnesses/gemini.agent.md +72 -0
  356. package/agents/salesforce/salesforce-network-policy-architect-agent/harnesses/kiro-cli.agent.json +5 -0
  357. package/agents/salesforce/salesforce-network-policy-architect-agent/harnesses/kiro-ide.agent.md +72 -0
  358. package/agents/salesforce/salesforce-network-policy-architect-agent/metadata.json +31 -0
  359. package/agents/salesforce/salesforce-platform-admin-review-agent/AGENT.md +113 -0
  360. package/agents/salesforce/salesforce-platform-admin-review-agent/LEAST-PRIVILEGES.md +88 -0
  361. package/agents/salesforce/salesforce-platform-admin-review-agent/harnesses/claude-code.agent.md +49 -0
  362. package/agents/salesforce/salesforce-platform-admin-review-agent/harnesses/codex.toml +36 -0
  363. package/agents/salesforce/salesforce-platform-admin-review-agent/harnesses/copilot.agent.md +49 -0
  364. package/agents/salesforce/salesforce-platform-admin-review-agent/harnesses/cursor.agent.md +49 -0
  365. package/agents/salesforce/salesforce-platform-admin-review-agent/harnesses/gemini.agent.md +49 -0
  366. package/agents/salesforce/salesforce-platform-admin-review-agent/harnesses/kiro-cli.agent.json +5 -0
  367. package/agents/salesforce/salesforce-platform-admin-review-agent/harnesses/kiro-ide.agent.md +49 -0
  368. package/agents/salesforce/salesforce-platform-admin-review-agent/metadata.json +40 -0
  369. package/agents/salesforce/salesforce-sales-cloud-revenue-agent/AGENT.md +115 -0
  370. package/agents/salesforce/salesforce-sales-cloud-revenue-agent/LEAST-PRIVILEGES.md +83 -0
  371. package/agents/salesforce/salesforce-sales-cloud-revenue-agent/harnesses/claude-code.agent.md +50 -0
  372. package/agents/salesforce/salesforce-sales-cloud-revenue-agent/harnesses/codex.toml +35 -0
  373. package/agents/salesforce/salesforce-sales-cloud-revenue-agent/harnesses/copilot.agent.md +50 -0
  374. package/agents/salesforce/salesforce-sales-cloud-revenue-agent/harnesses/cursor.agent.md +50 -0
  375. package/agents/salesforce/salesforce-sales-cloud-revenue-agent/harnesses/gemini.agent.md +50 -0
  376. package/agents/salesforce/salesforce-sales-cloud-revenue-agent/harnesses/kiro-cli.agent.json +5 -0
  377. package/agents/salesforce/salesforce-sales-cloud-revenue-agent/harnesses/kiro-ide.agent.md +50 -0
  378. package/agents/salesforce/salesforce-sales-cloud-revenue-agent/metadata.json +40 -0
  379. package/agents/salesforce/salesforce-sandbox-governance-agent/AGENT.md +120 -0
  380. package/agents/salesforce/salesforce-sandbox-governance-agent/LEAST-PRIVILEGES.md +80 -0
  381. package/agents/salesforce/salesforce-sandbox-governance-agent/harnesses/claude-code.agent.md +72 -0
  382. package/agents/salesforce/salesforce-sandbox-governance-agent/harnesses/codex.toml +30 -0
  383. package/agents/salesforce/salesforce-sandbox-governance-agent/harnesses/copilot.agent.md +72 -0
  384. package/agents/salesforce/salesforce-sandbox-governance-agent/harnesses/cursor.agent.md +72 -0
  385. package/agents/salesforce/salesforce-sandbox-governance-agent/harnesses/gemini.agent.md +72 -0
  386. package/agents/salesforce/salesforce-sandbox-governance-agent/harnesses/kiro-cli.agent.json +5 -0
  387. package/agents/salesforce/salesforce-sandbox-governance-agent/harnesses/kiro-ide.agent.md +72 -0
  388. package/agents/salesforce/salesforce-sandbox-governance-agent/metadata.json +30 -0
  389. package/agents/salesforce/salesforce-sandbox-isolation-agent/AGENT.md +113 -0
  390. package/agents/salesforce/salesforce-sandbox-isolation-agent/LEAST-PRIVILEGES.md +90 -0
  391. package/agents/salesforce/salesforce-sandbox-isolation-agent/harnesses/claude-code.agent.md +71 -0
  392. package/agents/salesforce/salesforce-sandbox-isolation-agent/harnesses/codex.toml +28 -0
  393. package/agents/salesforce/salesforce-sandbox-isolation-agent/harnesses/copilot.agent.md +71 -0
  394. package/agents/salesforce/salesforce-sandbox-isolation-agent/harnesses/cursor.agent.md +71 -0
  395. package/agents/salesforce/salesforce-sandbox-isolation-agent/harnesses/gemini.agent.md +71 -0
  396. package/agents/salesforce/salesforce-sandbox-isolation-agent/harnesses/kiro-cli.agent.json +5 -0
  397. package/agents/salesforce/salesforce-sandbox-isolation-agent/harnesses/kiro-ide.agent.md +71 -0
  398. package/agents/salesforce/salesforce-sandbox-isolation-agent/metadata.json +30 -0
  399. package/agents/salesforce/salesforce-security-identity-access-agent/AGENT.md +118 -0
  400. package/agents/salesforce/salesforce-security-identity-access-agent/LEAST-PRIVILEGES.md +85 -0
  401. package/agents/salesforce/salesforce-security-identity-access-agent/harnesses/claude-code.agent.md +52 -0
  402. package/agents/salesforce/salesforce-security-identity-access-agent/harnesses/codex.toml +36 -0
  403. package/agents/salesforce/salesforce-security-identity-access-agent/harnesses/copilot.agent.md +52 -0
  404. package/agents/salesforce/salesforce-security-identity-access-agent/harnesses/cursor.agent.md +52 -0
  405. package/agents/salesforce/salesforce-security-identity-access-agent/harnesses/gemini.agent.md +52 -0
  406. package/agents/salesforce/salesforce-security-identity-access-agent/harnesses/kiro-cli.agent.json +5 -0
  407. package/agents/salesforce/salesforce-security-identity-access-agent/harnesses/kiro-ide.agent.md +52 -0
  408. package/agents/salesforce/salesforce-security-identity-access-agent/metadata.json +40 -0
  409. package/agents/salesforce/salesforce-service-field-service-agent/AGENT.md +115 -0
  410. package/agents/salesforce/salesforce-service-field-service-agent/LEAST-PRIVILEGES.md +82 -0
  411. package/agents/salesforce/salesforce-service-field-service-agent/harnesses/claude-code.agent.md +50 -0
  412. package/agents/salesforce/salesforce-service-field-service-agent/harnesses/codex.toml +35 -0
  413. package/agents/salesforce/salesforce-service-field-service-agent/harnesses/copilot.agent.md +50 -0
  414. package/agents/salesforce/salesforce-service-field-service-agent/harnesses/cursor.agent.md +50 -0
  415. package/agents/salesforce/salesforce-service-field-service-agent/harnesses/gemini.agent.md +50 -0
  416. package/agents/salesforce/salesforce-service-field-service-agent/harnesses/kiro-cli.agent.json +5 -0
  417. package/agents/salesforce/salesforce-service-field-service-agent/harnesses/kiro-ide.agent.md +50 -0
  418. package/agents/salesforce/salesforce-service-field-service-agent/metadata.json +40 -0
  419. package/agents/salesforce/salesforce-session-governance-agent/AGENT.md +116 -0
  420. package/agents/salesforce/salesforce-session-governance-agent/LEAST-PRIVILEGES.md +91 -0
  421. package/agents/salesforce/salesforce-session-governance-agent/harnesses/claude-code.agent.md +74 -0
  422. package/agents/salesforce/salesforce-session-governance-agent/harnesses/codex.toml +28 -0
  423. package/agents/salesforce/salesforce-session-governance-agent/harnesses/copilot.agent.md +74 -0
  424. package/agents/salesforce/salesforce-session-governance-agent/harnesses/cursor.agent.md +74 -0
  425. package/agents/salesforce/salesforce-session-governance-agent/harnesses/gemini.agent.md +74 -0
  426. package/agents/salesforce/salesforce-session-governance-agent/harnesses/kiro-cli.agent.json +5 -0
  427. package/agents/salesforce/salesforce-session-governance-agent/harnesses/kiro-ide.agent.md +74 -0
  428. package/agents/salesforce/salesforce-session-governance-agent/metadata.json +30 -0
  429. package/agents/salesforce/salesforce-slack-collaboration-agent/AGENT.md +123 -0
  430. package/agents/salesforce/salesforce-slack-collaboration-agent/LEAST-PRIVILEGES.md +86 -0
  431. package/agents/salesforce/salesforce-slack-collaboration-agent/harnesses/claude-code.agent.md +79 -0
  432. package/agents/salesforce/salesforce-slack-collaboration-agent/harnesses/codex.toml +35 -0
  433. package/agents/salesforce/salesforce-slack-collaboration-agent/harnesses/copilot.agent.md +79 -0
  434. package/agents/salesforce/salesforce-slack-collaboration-agent/harnesses/cursor.agent.md +79 -0
  435. package/agents/salesforce/salesforce-slack-collaboration-agent/harnesses/gemini.agent.md +79 -0
  436. package/agents/salesforce/salesforce-slack-collaboration-agent/harnesses/kiro-cli.agent.json +5 -0
  437. package/agents/salesforce/salesforce-slack-collaboration-agent/harnesses/kiro-ide.agent.md +48 -0
  438. package/agents/salesforce/salesforce-slack-collaboration-agent/metadata.json +41 -0
  439. package/assets/logos/cloud/salesforce/salesforce.svg +34 -0
  440. package/catalog/agents.json +1785 -353
  441. package/catalog/asset-integrity.json +2866 -411
  442. package/catalog/install-roles.json +96 -0
  443. package/catalog/skill-manifest.json +1238 -138
  444. package/catalog/skills.json +1587 -333
  445. package/package.json +3 -2
  446. package/plugins/vanguard-frontier-agentic/.codex-plugin/plugin.json +1 -1
  447. package/powers/vanguard-salesforce/POWER.md +42 -0
  448. package/schemas/agent.schema.json +5 -1
  449. package/schemas/skill.frontmatter.schema.json +33 -3
  450. package/schemas/skill.schema.json +5 -1
  451. package/scripts/export-marketplace-agents.mjs +30 -2
  452. package/scripts/generate-kiro-powers.mjs +12 -0
  453. package/scripts/release-prepare.mjs +35 -0
  454. package/skills/aws/aws-agentcore/references/official-sources.md +19 -19
  455. package/skills/aws/aws-generative-ai-developer/references/official-sources.md +10 -10
  456. package/skills/azure/azure-ai-foundry-ops-governor/references/workflow-and-output.md +2 -2
  457. package/skills/azure/azure-aks-platform-operator/references/workflow-and-output.md +1 -1
  458. package/skills/azure/azure-app-service-production-readiness/references/workflow-and-output.md +1 -1
  459. package/skills/azure/azure-cosmosdb-application-developer/references/official-sources.md +11 -11
  460. package/skills/azure/azure-cosmosdb-performance-investigator/references/official-sources.md +11 -11
  461. package/skills/azure/azure-cosmosdb-platform-operator/references/official-sources.md +10 -10
  462. package/skills/azure/azure-cost-estimation-review/references/workflow-and-output.md +1 -1
  463. package/skills/azure/azure-cost-optimization-governor/references/workflow-and-output.md +1 -1
  464. package/skills/azure/azure-entra-id-specialist/references/official-sources.md +28 -28
  465. package/skills/azure/azure-identity-governance-review/references/official-sources.md +11 -11
  466. package/skills/azure/azure-identity-governance-review/references/workflow-and-output.md +1 -1
  467. package/skills/azure/azure-key-vault-secret-lifecycle-auditor/references/workflow-and-output.md +1 -1
  468. package/skills/azure/azure-migrate-landing-zone-cutover/references/workflow-and-output.md +1 -1
  469. package/skills/azure/azure-platform-automation-devops/references/workflow-and-output.md +1 -1
  470. package/skills/azure/azure-private-endpoint-adoption-planner/references/workflow-and-output.md +1 -1
  471. package/skills/azure/azure-resource-health-incident-triage/references/workflow-and-output.md +6 -6
  472. package/skills/azure/azure-subscription-resource-organization/references/workflow-and-output.md +1 -1
  473. package/skills/cross-functional/salesforce-case-capsule/SKILL.md +164 -0
  474. package/skills/cross-functional/salesforce-case-capsule/metadata.json +19 -0
  475. package/skills/cross-functional/salesforce-data-exposure-escalation-protocol/SKILL.md +165 -0
  476. package/skills/cross-functional/salesforce-data-exposure-escalation-protocol/metadata.json +19 -0
  477. package/skills/cross-functional/salesforce-live-change-approval-protocol/SKILL.md +118 -0
  478. package/skills/cross-functional/salesforce-live-change-approval-protocol/metadata.json +19 -0
  479. package/skills/cross-functional/salesforce-risk-taxonomy/SKILL.md +162 -0
  480. package/skills/cross-functional/salesforce-risk-taxonomy/metadata.json +19 -0
  481. package/skills/cross-functional/salesforce-routing-protocol/SKILL.md +159 -0
  482. package/skills/cross-functional/salesforce-routing-protocol/metadata.json +19 -0
  483. package/skills/dotnet/dotnet-aspire-cloud-native-review/SKILL.md +53 -0
  484. package/skills/dotnet/dotnet-aspire-cloud-native-review/metadata.json +27 -0
  485. package/skills/dotnet/dotnet-aspire-cloud-native-review/references/workflow-and-output.md +115 -0
  486. package/skills/dotnet/dotnet-aspnetcore-api-review/SKILL.md +53 -0
  487. package/skills/dotnet/dotnet-aspnetcore-api-review/metadata.json +28 -0
  488. package/skills/dotnet/dotnet-aspnetcore-api-review/references/workflow-and-output.md +115 -0
  489. package/skills/dotnet/dotnet-aspnetcore-identity-authz-review/SKILL.md +48 -0
  490. package/skills/dotnet/dotnet-aspnetcore-identity-authz-review/metadata.json +28 -0
  491. package/skills/dotnet/dotnet-aspnetcore-identity-authz-review/references/workflow-and-output.md +125 -0
  492. package/skills/dotnet/dotnet-csharp-runtime-review/SKILL.md +56 -0
  493. package/skills/dotnet/dotnet-csharp-runtime-review/metadata.json +28 -0
  494. package/skills/dotnet/dotnet-csharp-runtime-review/references/workflow-and-output.md +141 -0
  495. package/skills/dotnet/dotnet-efcore-data-access-review/SKILL.md +57 -0
  496. package/skills/dotnet/dotnet-efcore-data-access-review/metadata.json +28 -0
  497. package/skills/dotnet/dotnet-efcore-data-access-review/references/workflow-and-output.md +140 -0
  498. package/skills/dotnet/dotnet-maestro/SKILL.md +106 -0
  499. package/skills/dotnet/dotnet-maestro/metadata.json +26 -0
  500. package/skills/dotnet/dotnet-observability-otel-review/SKILL.md +53 -0
  501. package/skills/dotnet/dotnet-observability-otel-review/metadata.json +27 -0
  502. package/skills/dotnet/dotnet-observability-otel-review/references/workflow-and-output.md +119 -0
  503. package/skills/dotnet/dotnet-performance-aot-review/SKILL.md +53 -0
  504. package/skills/dotnet/dotnet-performance-aot-review/metadata.json +27 -0
  505. package/skills/dotnet/dotnet-performance-aot-review/references/workflow-and-output.md +123 -0
  506. package/skills/dotnet/dotnet-supply-chain-review/SKILL.md +55 -0
  507. package/skills/dotnet/dotnet-supply-chain-review/metadata.json +28 -0
  508. package/skills/dotnet/dotnet-supply-chain-review/references/workflow-and-output.md +132 -0
  509. package/skills/dotnet/dotnet-testing-quality-review/SKILL.md +54 -0
  510. package/skills/dotnet/dotnet-testing-quality-review/metadata.json +27 -0
  511. package/skills/dotnet/dotnet-testing-quality-review/references/workflow-and-output.md +142 -0
  512. package/skills/finops/focus-spec-normalizer/references/focus-columns.md +2 -2
  513. package/skills/gcp/gcp-alloydb-ai-developer/SKILL.md +1 -1
  514. package/skills/gcp/gcp-gemini-api-developer/SKILL.md +2 -2
  515. package/skills/hr/hr-risk-triage-review/metadata.json +9 -2
  516. package/skills/legal/legal-counsel-review/metadata.json +9 -2
  517. package/skills/nvidia/nvidia-model-promotion-gatekeeper/SKILL.md +1 -1
  518. package/skills/nvidia/nvidia-model-promotion-gatekeeper/references/allowlist-commands.md +1 -1
  519. package/skills/oci/oci-compute-platform-operator/SKILL.md +0 -2
  520. package/skills/oci/oci-cost-finops-analyst/SKILL.md +0 -2
  521. package/skills/oci/oci-database-platform-dba/SKILL.md +0 -2
  522. package/skills/oci/oci-devops-container-platform-engineer/SKILL.md +0 -2
  523. package/skills/oci/oci-identity-access-governor/SKILL.md +0 -2
  524. package/skills/oci/oci-multi-cloud-architect/SKILL.md +0 -2
  525. package/skills/oci/oci-network-architect/SKILL.md +0 -2
  526. package/skills/oci/oci-observability-incident-responder/SKILL.md +0 -2
  527. package/skills/oci/oci-security-compliance-reviewer/SKILL.md +0 -2
  528. package/skills/oci/oci-solution-architect/SKILL.md +1 -3
  529. package/skills/oci/oci-storage-backup-steward/SKILL.md +0 -2
  530. package/skills/prometheus/prometheus-alerting-cardinality-review/SKILL.md +1 -1
  531. package/skills/prometheus/prometheus-alerting-cardinality-review/references/workflow-and-output.md +4 -4
  532. package/skills/qa/ci-test-pipeline-review/references/workflow-and-output.md +1 -1
  533. package/skills/qa/llm-ai-pipeline-test-review/references/workflow-and-output.md +1 -1
  534. package/skills/qa/playwright-e2e-suite-review/SKILL.md +4 -4
  535. package/skills/qa/playwright-e2e-suite-review/references/workflow-and-output.md +12 -12
  536. package/skills/qa/plc-control-logic-safety-review/references/workflow-and-output.md +2 -2
  537. package/skills/qa/test-coverage-quality-review/SKILL.md +1 -1
  538. package/skills/qa/test-coverage-quality-review/references/workflow-and-output.md +8 -8
  539. package/skills/qa/test-flakiness-triage/SKILL.md +1 -1
  540. package/skills/qa/test-flakiness-triage/references/workflow-and-output.md +1 -1
  541. package/skills/salesforce/README.md +117 -0
  542. package/skills/salesforce/salesforce-agentforce-risk-review-skill/SKILL.md +206 -0
  543. package/skills/salesforce/salesforce-agentforce-risk-review-skill/metadata.json +18 -0
  544. package/skills/salesforce/salesforce-agentforce-risk-review-skill/references/action-safety-matrix.md +160 -0
  545. package/skills/salesforce/salesforce-agentforce-risk-review-skill/references/agentforce-anti-patterns.md +193 -0
  546. package/skills/salesforce/salesforce-agentforce-risk-review-skill/references/grounding-source-evaluation.md +162 -0
  547. package/skills/salesforce/salesforce-agentforce-stdm-observer-skill/SKILL.md +557 -0
  548. package/skills/salesforce/salesforce-agentforce-stdm-observer-skill/metadata.json +41 -0
  549. package/skills/salesforce/salesforce-agentforce-stdm-observer-skill/references/observability-rubric.md +219 -0
  550. package/skills/salesforce/salesforce-agentforce-stdm-observer-skill/references/privacy-redaction.md +240 -0
  551. package/skills/salesforce/salesforce-agentforce-stdm-observer-skill/references/stdm-queries.md +436 -0
  552. package/skills/salesforce/salesforce-apex-generator-skill/SKILL.md +307 -0
  553. package/skills/salesforce/salesforce-apex-generator-skill/metadata.json +30 -0
  554. package/skills/salesforce/salesforce-apex-generator-skill/references/apex-patterns.md +224 -0
  555. package/skills/salesforce/salesforce-apex-generator-skill/references/governor-limits.md +175 -0
  556. package/skills/salesforce/salesforce-apex-generator-skill/references/security-defaults.md +155 -0
  557. package/skills/salesforce/salesforce-apex-log-analyzer-skill/SKILL.md +360 -0
  558. package/skills/salesforce/salesforce-apex-log-analyzer-skill/metadata.json +38 -0
  559. package/skills/salesforce/salesforce-apex-log-analyzer-skill/references/governor-limit-signatures.md +174 -0
  560. package/skills/salesforce/salesforce-apex-log-analyzer-skill/references/log-format-reference.md +154 -0
  561. package/skills/salesforce/salesforce-apex-log-analyzer-skill/references/redaction-rules.md +178 -0
  562. package/skills/salesforce/salesforce-apex-lwc-code-review-skill/SKILL.md +195 -0
  563. package/skills/salesforce/salesforce-apex-lwc-code-review-skill/metadata.json +18 -0
  564. package/skills/salesforce/salesforce-apex-lwc-code-review-skill/references/apex-anti-patterns.md +270 -0
  565. package/skills/salesforce/salesforce-apex-lwc-code-review-skill/references/governor-limits-reference.md +198 -0
  566. package/skills/salesforce/salesforce-apex-lwc-code-review-skill/references/lwc-security.md +206 -0
  567. package/skills/salesforce/salesforce-apex-test-generator-skill/SKILL.md +274 -0
  568. package/skills/salesforce/salesforce-apex-test-generator-skill/metadata.json +29 -0
  569. package/skills/salesforce/salesforce-apex-test-generator-skill/references/assertion-patterns.md +174 -0
  570. package/skills/salesforce/salesforce-apex-test-generator-skill/references/async-testing.md +217 -0
  571. package/skills/salesforce/salesforce-apex-test-generator-skill/references/test-data-factory.md +174 -0
  572. package/skills/salesforce/salesforce-apex-test-runner-skill/SKILL.md +344 -0
  573. package/skills/salesforce/salesforce-apex-test-runner-skill/metadata.json +37 -0
  574. package/skills/salesforce/salesforce-apex-test-runner-skill/references/cli-commands.md +162 -0
  575. package/skills/salesforce/salesforce-apex-test-runner-skill/references/coverage-analysis.md +107 -0
  576. package/skills/salesforce/salesforce-apex-test-runner-skill/references/failure-diagnosis.md +187 -0
  577. package/skills/salesforce/salesforce-bulk-data-ops-skill/SKILL.md +356 -0
  578. package/skills/salesforce/salesforce-bulk-data-ops-skill/metadata.json +29 -0
  579. package/skills/salesforce/salesforce-bulk-data-ops-skill/references/anonymous-apex-patterns.md +380 -0
  580. package/skills/salesforce/salesforce-bulk-data-ops-skill/references/data-loader-templates.md +209 -0
  581. package/skills/salesforce/salesforce-bulk-data-ops-skill/references/rollback-strategy.md +209 -0
  582. package/skills/salesforce/salesforce-deployment-validator-skill/SKILL.md +380 -0
  583. package/skills/salesforce/salesforce-deployment-validator-skill/metadata.json +37 -0
  584. package/skills/salesforce/salesforce-deployment-validator-skill/references/cli-commands.md +264 -0
  585. package/skills/salesforce/salesforce-deployment-validator-skill/references/production-refusal-rules.md +243 -0
  586. package/skills/salesforce/salesforce-deployment-validator-skill/references/test-selection-strategy.md +250 -0
  587. package/skills/salesforce/salesforce-devsecops-pipeline-skill/SKILL.md +195 -0
  588. package/skills/salesforce/salesforce-devsecops-pipeline-skill/metadata.json +19 -0
  589. package/skills/salesforce/salesforce-devsecops-pipeline-skill/references/change-impact-categories.md +216 -0
  590. package/skills/salesforce/salesforce-devsecops-pipeline-skill/references/sandbox-masking-strategy.md +193 -0
  591. package/skills/salesforce/salesforce-devsecops-pipeline-skill/references/sca-rule-catalog.md +226 -0
  592. package/skills/salesforce/salesforce-field-mapping-skill/SKILL.md +348 -0
  593. package/skills/salesforce/salesforce-field-mapping-skill/metadata.json +29 -0
  594. package/skills/salesforce/salesforce-field-mapping-skill/references/api-name-normalization.md +141 -0
  595. package/skills/salesforce/salesforce-field-mapping-skill/references/picklist-value-mapping.md +245 -0
  596. package/skills/salesforce/salesforce-field-mapping-skill/references/type-mismatch-detection.md +187 -0
  597. package/skills/salesforce/salesforce-flow-automation-review-skill/SKILL.md +163 -0
  598. package/skills/salesforce/salesforce-flow-automation-review-skill/metadata.json +18 -0
  599. package/skills/salesforce/salesforce-flow-automation-review-skill/references/automation-conflict-matrix.md +193 -0
  600. package/skills/salesforce/salesforce-flow-automation-review-skill/references/fault-path-design.md +189 -0
  601. package/skills/salesforce/salesforce-flow-automation-review-skill/references/flow-anti-patterns.md +211 -0
  602. package/skills/salesforce/salesforce-flow-debugger-skill/SKILL.md +355 -0
  603. package/skills/salesforce/salesforce-flow-debugger-skill/metadata.json +35 -0
  604. package/skills/salesforce/salesforce-flow-debugger-skill/references/fault-path-design.md +175 -0
  605. package/skills/salesforce/salesforce-flow-debugger-skill/references/flow-error-patterns.md +247 -0
  606. package/skills/salesforce/salesforce-flow-debugger-skill/references/interview-log-redaction.md +171 -0
  607. package/skills/salesforce/salesforce-infrastructure-audit-skill/SKILL.md +137 -0
  608. package/skills/salesforce/salesforce-infrastructure-audit-skill/metadata.json +19 -0
  609. package/skills/salesforce/salesforce-infrastructure-audit-skill/references/hyperforce-deployment-controls.md +181 -0
  610. package/skills/salesforce/salesforce-infrastructure-audit-skill/references/network-policy-reference.md +200 -0
  611. package/skills/salesforce/salesforce-infrastructure-audit-skill/references/session-policy-reference.md +219 -0
  612. package/skills/salesforce/salesforce-integration-review-skill/SKILL.md +186 -0
  613. package/skills/salesforce/salesforce-integration-review-skill/metadata.json +18 -0
  614. package/skills/salesforce/salesforce-integration-review-skill/references/integration-anti-patterns.md +280 -0
  615. package/skills/salesforce/salesforce-integration-review-skill/references/integration-pattern-reference.md +239 -0
  616. package/skills/salesforce/salesforce-integration-review-skill/references/named-credential-design.md +211 -0
  617. package/skills/salesforce/salesforce-marketing-consent-review-skill/SKILL.md +204 -0
  618. package/skills/salesforce/salesforce-marketing-consent-review-skill/metadata.json +18 -0
  619. package/skills/salesforce/salesforce-marketing-consent-review-skill/references/consent-anti-patterns.md +247 -0
  620. package/skills/salesforce/salesforce-marketing-consent-review-skill/references/consent-model-reference.md +205 -0
  621. package/skills/salesforce/salesforce-marketing-consent-review-skill/references/regulatory-mapping.md +192 -0
  622. package/skills/salesforce/salesforce-metadata-fetcher-skill/SKILL.md +418 -0
  623. package/skills/salesforce/salesforce-metadata-fetcher-skill/metadata.json +50 -0
  624. package/skills/salesforce/salesforce-metadata-fetcher-skill/references/cli-commands.md +347 -0
  625. package/skills/salesforce/salesforce-metadata-fetcher-skill/references/delegation-routing.md +416 -0
  626. package/skills/salesforce/salesforce-metadata-fetcher-skill/references/sanitization-rules.md +392 -0
  627. package/skills/salesforce/salesforce-metadata-review-skill/SKILL.md +148 -0
  628. package/skills/salesforce/salesforce-metadata-review-skill/metadata.json +18 -0
  629. package/skills/salesforce/salesforce-metadata-review-skill/references/deprecated-metadata.md +217 -0
  630. package/skills/salesforce/salesforce-metadata-review-skill/references/field-hygiene-rules.md +182 -0
  631. package/skills/salesforce/salesforce-metadata-review-skill/references/object-design-patterns.md +187 -0
  632. package/skills/salesforce/salesforce-org-assessment-skill/SKILL.md +137 -0
  633. package/skills/salesforce/salesforce-org-assessment-skill/metadata.json +18 -0
  634. package/skills/salesforce/salesforce-org-assessment-skill/references/assessment-rubric.md +228 -0
  635. package/skills/salesforce/salesforce-org-assessment-skill/references/risk-register-template.md +211 -0
  636. package/skills/salesforce/salesforce-org-assessment-skill/references/tech-debt-indicators.md +252 -0
  637. package/skills/salesforce/salesforce-permission-model-review-skill/SKILL.md +165 -0
  638. package/skills/salesforce/salesforce-permission-model-review-skill/metadata.json +18 -0
  639. package/skills/salesforce/salesforce-permission-model-review-skill/references/fls-review-patterns.md +235 -0
  640. package/skills/salesforce/salesforce-permission-model-review-skill/references/permission-set-strategy.md +203 -0
  641. package/skills/salesforce/salesforce-permission-model-review-skill/references/toxic-combinations.md +228 -0
  642. package/skills/salesforce/salesforce-release-readiness-skill/SKILL.md +185 -0
  643. package/skills/salesforce/salesforce-release-readiness-skill/metadata.json +18 -0
  644. package/skills/salesforce/salesforce-release-readiness-skill/references/release-checklist.md +191 -0
  645. package/skills/salesforce/salesforce-release-readiness-skill/references/rollback-strategy.md +234 -0
  646. package/skills/salesforce/salesforce-release-readiness-skill/references/test-coverage-strategy.md +314 -0
  647. package/skills/salesforce/salesforce-soql-explorer-skill/SKILL.md +391 -0
  648. package/skills/salesforce/salesforce-soql-explorer-skill/metadata.json +35 -0
  649. package/skills/salesforce/salesforce-soql-explorer-skill/references/cli-commands.md +266 -0
  650. package/skills/salesforce/salesforce-soql-explorer-skill/references/least-privilege-scope.md +224 -0
  651. package/skills/salesforce/salesforce-soql-explorer-skill/references/safe-query-patterns.md +317 -0
  652. package/skills/salesforce/salesforce-soql-generator-skill/SKILL.md +305 -0
  653. package/skills/salesforce/salesforce-soql-generator-skill/metadata.json +25 -0
  654. package/skills/salesforce/salesforce-soql-generator-skill/references/common-patterns.md +293 -0
  655. package/skills/salesforce/salesforce-soql-generator-skill/references/governor-limits.md +171 -0
  656. package/skills/salesforce/salesforce-soql-generator-skill/references/soql-syntax-quickref.md +255 -0
  657. package/skills/salesforce/salesforce-validation-rule-writer-skill/SKILL.md +329 -0
  658. package/skills/salesforce/salesforce-validation-rule-writer-skill/metadata.json +28 -0
  659. package/skills/salesforce/salesforce-validation-rule-writer-skill/references/error-message-style.md +132 -0
  660. package/skills/salesforce/salesforce-validation-rule-writer-skill/references/formula-syntax-quickref.md +182 -0
  661. package/skills/salesforce/salesforce-validation-rule-writer-skill/references/validation-patterns.md +214 -0
  662. package/skills/salesforce/salesforce-zero-trust-maturity-skill/SKILL.md +164 -0
  663. package/skills/salesforce/salesforce-zero-trust-maturity-skill/metadata.json +19 -0
  664. package/skills/salesforce/salesforce-zero-trust-maturity-skill/references/continuous-verification-patterns.md +209 -0
  665. package/skills/salesforce/salesforce-zero-trust-maturity-skill/references/maturity-scoring-rubric.md +179 -0
  666. package/skills/salesforce/salesforce-zero-trust-maturity-skill/references/nist-zta-pillars.md +194 -0
  667. package/tests/fixtures/dotnet-maestro-routing/expected/01-csharp-runtime.json +6 -0
  668. package/tests/fixtures/dotnet-maestro-routing/expected/02-aspnetcore-api.json +6 -0
  669. package/tests/fixtures/dotnet-maestro-routing/expected/03-identity-authz.json +6 -0
  670. package/tests/fixtures/dotnet-maestro-routing/expected/04-efcore-data.json +6 -0
  671. package/tests/fixtures/dotnet-maestro-routing/expected/05-testing-quality.json +6 -0
  672. package/tests/fixtures/dotnet-maestro-routing/expected/06-supply-chain.json +6 -0
  673. package/tests/fixtures/dotnet-maestro-routing/expected/07-performance-aot.json +6 -0
  674. package/tests/fixtures/dotnet-maestro-routing/expected/08-observability-otel.json +6 -0
  675. package/tests/fixtures/dotnet-maestro-routing/expected/09-aspire-cloud-native.json +6 -0
  676. package/tests/fixtures/dotnet-maestro-routing/expected/10-multi-domain.json +7 -0
  677. package/tests/fixtures/dotnet-maestro-routing/expected/11-ambiguous.json +4 -0
  678. package/tests/fixtures/dotnet-maestro-routing/expected/adv-ambiguous-near-miss.json +4 -0
  679. package/tests/fixtures/dotnet-maestro-routing/expected/adv-instruction-injection.json +6 -0
  680. package/tests/fixtures/dotnet-maestro-routing/expected/adv-live-guard-bypass.json +4 -0
  681. package/tests/fixtures/dotnet-maestro-routing/expected/adv-parallel-saturation.json +9 -0
  682. package/tests/fixtures/dotnet-maestro-routing/expected/adv-persona-replacement.json +6 -0
  683. package/tests/fixtures/dotnet-maestro-routing/expected/adv-secrets-bait.json +6 -0
  684. package/tests/fixtures/dotnet-maestro-routing/inputs/01-csharp-runtime.json +7 -0
  685. package/tests/fixtures/dotnet-maestro-routing/inputs/02-aspnetcore-api.json +7 -0
  686. package/tests/fixtures/dotnet-maestro-routing/inputs/03-identity-authz.json +7 -0
  687. package/tests/fixtures/dotnet-maestro-routing/inputs/04-efcore-data.json +7 -0
  688. package/tests/fixtures/dotnet-maestro-routing/inputs/05-testing-quality.json +7 -0
  689. package/tests/fixtures/dotnet-maestro-routing/inputs/06-supply-chain.json +7 -0
  690. package/tests/fixtures/dotnet-maestro-routing/inputs/07-performance-aot.json +7 -0
  691. package/tests/fixtures/dotnet-maestro-routing/inputs/08-observability-otel.json +7 -0
  692. package/tests/fixtures/dotnet-maestro-routing/inputs/09-aspire-cloud-native.json +7 -0
  693. package/tests/fixtures/dotnet-maestro-routing/inputs/10-multi-domain.json +7 -0
  694. package/tests/fixtures/dotnet-maestro-routing/inputs/11-ambiguous.json +7 -0
  695. package/tests/fixtures/dotnet-maestro-routing/inputs/adv-ambiguous-near-miss.json +7 -0
  696. package/tests/fixtures/dotnet-maestro-routing/inputs/adv-instruction-injection.json +7 -0
  697. package/tests/fixtures/dotnet-maestro-routing/inputs/adv-live-guard-bypass.json +7 -0
  698. package/tests/fixtures/dotnet-maestro-routing/inputs/adv-parallel-saturation.json +7 -0
  699. package/tests/fixtures/dotnet-maestro-routing/inputs/adv-persona-replacement.json +7 -0
  700. package/tests/fixtures/dotnet-maestro-routing/inputs/adv-secrets-bait.json +7 -0
  701. package/tests/fixtures/dotnet-maestro-routing/taxonomy.json +99 -0
  702. package/tests/fixtures/salesforce-maestro-routing/expected/001-happy-platform-admin-review.json +6 -0
  703. package/tests/fixtures/salesforce-maestro-routing/expected/002-happy-business-analyst.json +6 -0
  704. package/tests/fixtures/salesforce-maestro-routing/expected/003-happy-app-builder-automation.json +6 -0
  705. package/tests/fixtures/salesforce-maestro-routing/expected/004-happy-development.json +6 -0
  706. package/tests/fixtures/salesforce-maestro-routing/expected/005-happy-devops-release.json +6 -0
  707. package/tests/fixtures/salesforce-maestro-routing/expected/006-happy-security-identity-access.json +6 -0
  708. package/tests/fixtures/salesforce-maestro-routing/expected/007-happy-data-architecture.json +6 -0
  709. package/tests/fixtures/salesforce-maestro-routing/expected/008-happy-integration-mulesoft.json +6 -0
  710. package/tests/fixtures/salesforce-maestro-routing/expected/009-happy-sales-cloud-revenue.json +6 -0
  711. package/tests/fixtures/salesforce-maestro-routing/expected/010-happy-marketing-cloud.json +6 -0
  712. package/tests/fixtures/salesforce-maestro-routing/expected/011-happy-agentforce-ai.json +6 -0
  713. package/tests/fixtures/salesforce-maestro-routing/expected/012-happy-analytics-tableau.json +6 -0
  714. package/tests/fixtures/salesforce-maestro-routing/expected/013-happy-compliance-privacy.json +6 -0
  715. package/tests/fixtures/salesforce-maestro-routing/expected/014-happy-network-policy-architect.json +6 -0
  716. package/tests/fixtures/salesforce-maestro-routing/expected/015-happy-hyperforce-security.json +6 -0
  717. package/tests/fixtures/salesforce-maestro-routing/expected/016-happy-sandbox-isolation.json +6 -0
  718. package/tests/fixtures/salesforce-maestro-routing/expected/017-happy-session-governance.json +6 -0
  719. package/tests/fixtures/salesforce-maestro-routing/expected/018-happy-continuous-verification.json +6 -0
  720. package/tests/fixtures/salesforce-maestro-routing/expected/019-happy-certificate-lifecycle.json +6 -0
  721. package/tests/fixtures/salesforce-maestro-routing/expected/020-happy-adaptive-access.json +6 -0
  722. package/tests/fixtures/salesforce-maestro-routing/expected/021-happy-code-analyzer-orchestrator.json +6 -0
  723. package/tests/fixtures/salesforce-maestro-routing/expected/022-happy-sandbox-governance.json +6 -0
  724. package/tests/fixtures/salesforce-maestro-routing/expected/023-happy-change-impact-analyst.json +6 -0
  725. package/tests/fixtures/salesforce-maestro-routing/expected/adv-ambiguous.json +4 -0
  726. package/tests/fixtures/salesforce-maestro-routing/expected/adv-instruction-injection.json +6 -0
  727. package/tests/fixtures/salesforce-maestro-routing/expected/adv-liveguard-01-live-org-deploy-guard.json +6 -0
  728. package/tests/fixtures/salesforce-maestro-routing/expected/adv-liveguard-02-live-mass-delete-guard.json +6 -0
  729. package/tests/fixtures/salesforce-maestro-routing/expected/adv-liveguard-03-live-release-to-prod-guard.json +6 -0
  730. package/tests/fixtures/salesforce-maestro-routing/expected/adv-persona-replacement.json +6 -0
  731. package/tests/fixtures/salesforce-maestro-routing/expected/adv-secrets-bait.json +6 -0
  732. package/tests/fixtures/salesforce-maestro-routing/inputs/001-happy-platform-admin-review.json +7 -0
  733. package/tests/fixtures/salesforce-maestro-routing/inputs/002-happy-business-analyst.json +7 -0
  734. package/tests/fixtures/salesforce-maestro-routing/inputs/003-happy-app-builder-automation.json +7 -0
  735. package/tests/fixtures/salesforce-maestro-routing/inputs/004-happy-development.json +7 -0
  736. package/tests/fixtures/salesforce-maestro-routing/inputs/005-happy-devops-release.json +7 -0
  737. package/tests/fixtures/salesforce-maestro-routing/inputs/006-happy-security-identity-access.json +7 -0
  738. package/tests/fixtures/salesforce-maestro-routing/inputs/007-happy-data-architecture.json +7 -0
  739. package/tests/fixtures/salesforce-maestro-routing/inputs/008-happy-integration-mulesoft.json +7 -0
  740. package/tests/fixtures/salesforce-maestro-routing/inputs/009-happy-sales-cloud-revenue.json +7 -0
  741. package/tests/fixtures/salesforce-maestro-routing/inputs/010-happy-marketing-cloud.json +7 -0
  742. package/tests/fixtures/salesforce-maestro-routing/inputs/011-happy-agentforce-ai.json +7 -0
  743. package/tests/fixtures/salesforce-maestro-routing/inputs/012-happy-analytics-tableau.json +7 -0
  744. package/tests/fixtures/salesforce-maestro-routing/inputs/013-happy-compliance-privacy.json +7 -0
  745. package/tests/fixtures/salesforce-maestro-routing/inputs/014-happy-network-policy-architect.json +7 -0
  746. package/tests/fixtures/salesforce-maestro-routing/inputs/015-happy-hyperforce-security.json +7 -0
  747. package/tests/fixtures/salesforce-maestro-routing/inputs/016-happy-sandbox-isolation.json +7 -0
  748. package/tests/fixtures/salesforce-maestro-routing/inputs/017-happy-session-governance.json +7 -0
  749. package/tests/fixtures/salesforce-maestro-routing/inputs/018-happy-continuous-verification.json +7 -0
  750. package/tests/fixtures/salesforce-maestro-routing/inputs/019-happy-certificate-lifecycle.json +7 -0
  751. package/tests/fixtures/salesforce-maestro-routing/inputs/020-happy-adaptive-access.json +7 -0
  752. package/tests/fixtures/salesforce-maestro-routing/inputs/021-happy-code-analyzer-orchestrator.json +7 -0
  753. package/tests/fixtures/salesforce-maestro-routing/inputs/022-happy-sandbox-governance.json +7 -0
  754. package/tests/fixtures/salesforce-maestro-routing/inputs/023-happy-change-impact-analyst.json +7 -0
  755. package/tests/fixtures/salesforce-maestro-routing/inputs/adv-ambiguous.json +7 -0
  756. package/tests/fixtures/salesforce-maestro-routing/inputs/adv-instruction-injection.json +7 -0
  757. package/tests/fixtures/salesforce-maestro-routing/inputs/adv-liveguard-01-live-org-deploy-guard.json +7 -0
  758. package/tests/fixtures/salesforce-maestro-routing/inputs/adv-liveguard-02-live-mass-delete-guard.json +7 -0
  759. package/tests/fixtures/salesforce-maestro-routing/inputs/adv-liveguard-03-live-release-to-prod-guard.json +7 -0
  760. package/tests/fixtures/salesforce-maestro-routing/inputs/adv-persona-replacement.json +7 -0
  761. package/tests/fixtures/salesforce-maestro-routing/inputs/adv-secrets-bait.json +7 -0
  762. package/tests/fixtures/salesforce-maestro-routing/taxonomy.json +371 -0
  763. package/tests/test-vfa-export-coverage.test.mjs +29 -8
  764. package/tests/validate-catalog.py +15 -1
  765. package/tests/validate-plugin-manifest.py +11 -1
package/skills/salesforce/salesforce-metadata-fetcher-skill/references/sanitization-rules.md ADDED
@@ -0,0 +1,392 @@
1
+ # Sanitization Rules Reference — salesforce-metadata-fetcher-skill
2
+
3
+ This reference documents precise sanitization rules that must be applied to all
4
+ metadata retrieved from a live Salesforce org before the data is passed to any
5
+ downstream review skill or surfaced to the user.
6
+
7
+ Sanitization is **mandatory and non-negotiable**. Output must not be emitted if
8
+ sanitization has not been completed and confirmed.
9
+
10
+ ---
11
+
12
+ ## Rule Classification
13
+
14
+ | Code | Severity | Action |
15
+ |---|---|---|
16
+ | S-STOP | Critical | Stop processing immediately; do not emit partial output |
17
+ | S-REDACT | High | Replace with placeholder; note in `skip_reasons` |
18
+ | S-FLAG | Medium | Flag for review; include in output with a caveat note |
19
+ | S-SKIP | High | Omit the field from output entirely; note in `encrypted_fields_skipped` |
20
+
21
+ ---
22
+
23
+ ## ID Redaction Rules
24
+
25
+ ### Rule S-ID-01 — Org ID
26
+
27
+ **Pattern:** `00D[A-Za-z0-9]{12,15}`
28
+
29
+ **Description:** Salesforce organization ID. Always starts with `00D`. May appear in:
30
+ - API responses as `organizationId`
31
+ - SOQL filter conditions embedded in flow XML
32
+ - Formula field expressions
33
+ - Field default values
34
+
35
+ **Action:** S-REDACT — Replace with `<org_id_placeholder>`.
36
+
37
+ **Regex (Python-compatible):**
38
+
39
+ ```python
40
+ import re
41
+ ORG_ID_PATTERN = re.compile(r'\b00D[A-Za-z0-9]{12,15}\b')
42
+
43
+ def redact_org_ids(text: str) -> str:
44
+ return ORG_ID_PATTERN.sub('<org_id_placeholder>', text)
45
+ ```
46
+
47
+ **Note:** Both 15-character and 18-character forms must be matched. The `{12,15}` suffix after
48
+ the `00D` prefix produces 15-to-18-character total IDs.
49
+
50
+ ---
51
+
52
+ ### Rule S-ID-02 — User ID
53
+
54
+ **Pattern:** `005[A-Za-z0-9]{12,15}`
55
+
56
+ **Description:** Salesforce user record ID. Always starts with `005`. May appear in:
57
+ - `createdById`, `lastModifiedById` fields in metadata list output
58
+ - Flow variable default values
59
+ - Profile/PermissionSet assignment records
60
+ - Apex class hardcoded values
61
+
62
+ **Action:** S-REDACT — Replace with `<user_id_placeholder>`.
63
+
64
+ **Regex (Python-compatible):**
65
+
66
+ ```python
67
+ USER_ID_PATTERN = re.compile(r'\b005[A-Za-z0-9]{12,15}\b')
68
+
69
+ def redact_user_ids(text: str) -> str:
70
+ return USER_ID_PATTERN.sub('<user_id_placeholder>', text)
71
+ ```
72
+
73
+ ---
74
+
75
+ ### Rule S-ID-03 — Profile / Permission Set ID
76
+
77
+ **Pattern:** `00e[A-Za-z0-9]{12,15}`
78
+
79
+ **Description:** Salesforce profile or permission set record ID. May appear in:
80
+ - Profile metadata XML
81
+ - Permission set assignments
82
+ - Sharing rule criteria
83
+
84
+ **Action:** S-REDACT — Replace with `<profile_id_placeholder>`.
85
+
86
+ **Regex (Python-compatible):**
87
+
88
+ ```python
89
+ PROFILE_ID_PATTERN = re.compile(r'\b00e[A-Za-z0-9]{12,15}\b')
90
+
91
+ def redact_profile_ids(text: str) -> str:
92
+ return PROFILE_ID_PATTERN.sub('<profile_id_placeholder>', text)
93
+ ```
94
+
95
+ ---
96
+
97
+ ### Rule S-ID-04 — General Salesforce Record ID (catch-all)
98
+
99
+ **Pattern:** `[a-zA-Z0-9]{15}` or `[a-zA-Z0-9]{18}` in a context where it appears to be a Salesforce ID
100
+
101
+ **Description:** Catch-all for Salesforce record IDs in field default values, formula expressions,
102
+ or flow variable defaults. These do not start with known prefixes and represent hardcoded record
103
+ references that would break between orgs.
104
+
105
+ **Action:** S-FLAG — Flag as a hardcoded ID finding. Include in output with a caveat. Do not repeat
106
+ the ID value itself; describe the location and pattern only.
107
+
108
+ **Detection heuristic:**
109
+
110
+ A string is likely a Salesforce record ID if:
111
+ - It is exactly 15 or 18 characters long
112
+ - It is alphanumeric (no special characters)
113
+ - It appears in a field default value, formula expression, or Apex string literal
114
+ - The surrounding context is a field default or assignment, not a human-readable string
115
+
116
+ **Note:** This catch-all intentionally has higher false-positive rate. Flag all matches for human review.
117
+
118
+ ---
119
+
120
+ ## Field Default Redaction Rules
121
+
122
+ ### Rule S-FIELD-01 — Email Address in Field Default
123
+
124
+ **Description:** An email address in a field default value indicates hardcoded contact data
125
+ that will break between orgs or leak internal contact details.
126
+
127
+ **Detection regex:**
128
+
129
+ ```python
130
+ EMAIL_PATTERN = re.compile(
131
+ r'\b[A-Za-z0-9._%+\-]+@[A-Za-z0-9.\-]+\.[A-Za-z]{2,}\b'
132
+ )
133
+ ```
134
+
135
+ **Action:** S-REDACT — Replace with `<email_placeholder>`. Note field name and object in `skip_reasons`.
136
+
137
+ **Example:**
138
+
139
+ ```
140
+ # Before sanitization
141
+ defaultValue: "support@mycompany.com"
142
+
143
+ # After sanitization
144
+ defaultValue: "<email_placeholder>"
145
+ # skip_reasons: ["Field 'Case.Email__c' default value contained an email address — redacted"]
146
+ ```
147
+
148
+ ---
149
+
150
+ ### Rule S-FIELD-02 — Phone Number in Field Default
151
+
152
+ **Description:** A phone number in a field default value indicates hardcoded contact data.
153
+
154
+ **Detection patterns (covers US, international, common formats):**
155
+
156
+ ```python
157
+ PHONE_PATTERN = re.compile(
158
+ r'(\+?\d[\d\s\-.]{7,}\d)'
159
+ )
160
+ ```
161
+
162
+ **Action:** S-REDACT — Replace with `<phone_placeholder>`. Note in `skip_reasons`.
163
+
164
+ **Note:** This pattern is broad. Apply it only to fields of type `Phone` or field API names
165
+ containing `Phone`, `Tel`, `Fax`, or `Mobile`. Applying it to all fields would produce excessive
166
+ false positives for numeric IDs and version numbers.
167
+
168
+ ---
169
+
170
+ ### Rule S-FIELD-03 — Account Name or Organization Name in Field Default
171
+
172
+ **Description:** A field default containing what appears to be a specific company or organization
173
+ name indicates hardcoded tenant-specific data.
174
+
175
+ **Detection:** This cannot be reliably detected with a regex. Apply contextual judgment:
176
+ - If a `Text` field on a related object (e.g., `Account.Name__c`) has a default value that is a
177
+ proper-noun string (e.g., `"Acme Corporation"`, `"Global Services LLC"`), flag it.
178
+ - Proper noun detection: string begins with a capital letter, is not a known Salesforce system value,
179
+ and appears to be a company or person name.
180
+
181
+ **Action:** S-FLAG — Flag for human review. Do not redact automatically (too many false positives).
182
+ Note in `assumptions`.
183
+
184
+ ---
185
+
186
+ ## Credential and Secret Redaction Rules
187
+
188
+ ### Rule S-CRED-01 — URL with Embedded Credentials
189
+
190
+ **Pattern:** `https?://[^:@\s]+:[^@\s]+@[^\s]+`
191
+
192
+ **Description:** A URL containing `username:password@hostname` form. Indicates credentials were
193
+ embedded in a field default, Named Credential configuration, or Apex string literal.
194
+
195
+ **Action:** S-STOP — **Reject the entire payload immediately.** Do not emit any partial output.
196
+ Emit a stop message with `condition_fired: "url_embedded_credentials"` and `escalation_required: true`.
197
+
198
+ **Detection regex:**
199
+
200
+ ```python
201
+ URL_CRED_PATTERN = re.compile(r'https?://[^\s:@]+:[^\s@]+@[^\s]+')
202
+ ```
203
+
204
+ **Note:** This pattern fires on any URL with a colon in the authority component before the `@`.
205
+ Legitimate colon-separated port numbers (e.g., `https://host:8080/`) do not match because they
206
+ lack the `@` after the port.
207
+
208
+ ---
209
+
210
+ ### Rule S-CRED-02 — Named Credential Header Value
211
+
212
+ **Description:** Named Credential definitions may contain authorization header values
213
+ (e.g., `Authorization: Bearer <token>`, `Api-Key: <secret>`). These must never appear in output.
214
+
215
+ **Detection:** Named Credential metadata type (`NamedCredential`) is not in the T1 allowed list
216
+ and should not be retrieved at all. However, if a Named Credential header value appears in the
217
+ body of another metadata type (e.g., embedded in a flow variable default), it must be caught.
218
+
219
+ **Detection heuristic:** Look for strings matching:
220
+ - `Bearer [A-Za-z0-9\-._~+/]+=*` (JWT or opaque bearer token)
221
+ - `Basic [A-Za-z0-9+/]+=*` (Base64 encoded credentials)
222
+ - Key-value patterns in Apex class string literals where the key contains `Authorization`,
223
+ `Api-Key`, `X-Api-Key`, `Secret`, or `Token`.
224
+
225
+ **Action:** S-STOP — **Reject the entire payload immediately.**
226
+
227
+ ---
228
+
229
+ ### Rule S-CRED-03 — High-Entropy Token-Like String in Field Default
230
+
231
+ **Description:** A field default value containing a high-entropy string (> 20 characters,
232
+ mixture of uppercase, lowercase, digits, and/or special characters) that does not match
233
+ a known safe pattern. Likely an API key, refresh token, or webhook secret that was hardcoded.
234
+
235
+ **Detection heuristic:**
236
+
237
+ ```python
238
+ import math, re
239
+
240
+ def estimate_entropy(s: str) -> float:
241
+ """Shannon entropy in bits per character."""
242
+ if not s:
243
+ return 0.0
244
+ freq = {}
245
+ for c in s:
246
+ freq[c] = freq.get(c, 0) + 1
247
+ length = len(s)
248
+ return -sum((f/length) * math.log2(f/length) for f in freq.values)
249
+
250
+ TOKEN_CANDIDATE_PATTERN = re.compile(r'[A-Za-z0-9\-_+/=]{20,}')
251
+
252
+ def is_likely_token(s: str) -> bool:
253
+ return len(s) >= 20 and estimate_entropy(s) > 3.5
254
+ ```
255
+
256
+ **Action:** S-REDACT — Replace with `<token_placeholder>`. Note the field name and object in `skip_reasons`.
257
+
258
+ ---
259
+
260
+ ## Encrypted Field Rules
261
+
262
+ ### Rule S-ENC-01 — Shield Platform Encryption (SPE) Field
263
+
264
+ **Description:** Fields protected by Salesforce Shield Platform Encryption have
265
+ `encryptionScheme` set to a non-`None` value in their describe output (e.g., `"AES128"`,
266
+ `"AES256"`, `"DETERMINISTIC"`, `"PROBABILISTIC"`).
267
+
268
+ **Action:** S-SKIP — Do not attempt to read the field value. Do not include field value in output.
269
+ Include the field API name in `encrypted_fields_skipped` with the encryption scheme noted.
270
+
271
+ **Detection in sobject describe output:**
272
+
273
+ ```json
274
+ {
275
+ "name": "SSN__c",
276
+ "type": "EncryptedText",
277
+ "encryptionScheme": "PROBABILISTIC_RANDOM"
278
+ }
279
+ ```
280
+
281
+ The `encryptionScheme` field is present and non-null, or the field `type` is `EncryptedText`.
282
+
283
+ ---
284
+
285
+ ### Rule S-ENC-02 — Platform Masking and Late Encryption (PMLE)
286
+
287
+ **Description:** Fields protected by PMLE (Platform Masking, field-level encryption via Data Mask
288
+ or compliance rules) may not always be identifiable from the describe output alone.
289
+
290
+ **Detection heuristic:** If a field has `type: "EncryptedText"` or `encryptionScheme` != `"NONE"`,
291
+ apply S-SKIP. Additionally, if the field API name contains `SSN`, `TaxId`, `CreditCard`,
292
+ `BankAccount`, `Password`, or `Secret` (case-insensitive), apply extra caution and note in output.
293
+
294
+ **Action:** S-SKIP — Same as S-ENC-01.
295
+
296
+ ---
297
+
298
+ ## Apex-Specific Rules
299
+
300
+ ### Rule S-APEX-01 — Hardcoded Session ID in Apex Class
301
+
302
+ **Description:** An Apex class body that calls `UserInfo.getSessionId` and passes the result
303
+ to an external callout, stores it in a field, or logs it represents a Critical security finding.
304
+
305
+ **Detection:**
306
+
307
+ ```python
308
+ SESSION_ID_EXFIL_PATTERN = re.compile(
309
+ r'UserInfo\.getSessionId\(\).*?(?:HttpRequest|Callout|insert|update|Database\.insert|System\.debug)',
310
+ re.DOTALL
311
+ )
312
+ ```
313
+
314
+ **Action:** S-STOP (treat as Critical) — Flag the finding, note the class name and approximate
315
+ line context (not the literal value), and escalate before passing to downstream skill.
316
+
317
+ **Emit:**
318
+
319
+ ```yaml
320
+ stop:
321
+ condition_fired: "apex_session_id_exfiltration"
322
+ mid_execution: true
323
+ class_name: "<ClassName>"
324
+ finding: "UserInfo.getSessionId result appears to be passed to an external callout or stored in a field"
325
+ escalation_required: true
326
+ ```
327
+
328
+ ---
329
+
330
+ ### Rule S-APEX-02 — Hardcoded Salesforce ID in Apex String Literal
331
+
332
+ **Description:** A hardcoded 15- or 18-character Salesforce record ID in an Apex string literal
333
+ (e.g., `Id myId = '0018000001abc123abc';`). This will break in any org other than the one it was
334
+ written for.
335
+
336
+ **Action:** S-FLAG — Do not repeat the ID value in output. Describe the location (class name,
337
+ approximate context) and pattern. Include in the downstream skill's `complexity_indicators` or
338
+ `hardcoded_id_count` field.
339
+
340
+ ---
341
+
342
+ ## Output Documentation Rules
343
+
344
+ ### What must appear in output when redaction fires
345
+
346
+ Every redaction or skip event must be documented in the output envelope:
347
+
348
+ ```yaml
349
+ fls_notes:
350
+ inaccessible_fields:
351
+ - "Account.Revenue__c" # FLS blocked — not included in output
352
+ encrypted_fields_skipped:
353
+ - field: "Contact.SSN__c"
354
+ encryption_scheme: "PROBABILISTIC_RANDOM"
355
+ action: "skipped — value not read"
356
+
357
+ metadata_summary:
358
+ items_skipped: 2
359
+ skip_reasons:
360
+ - "Field 'Case.SupportEmail__c' default value contained an email address — redacted"
361
+ - "Field 'Contact.APIKey__c' default value matched high-entropy token pattern — redacted"
362
+ ```
363
+
364
+ ### What must NEVER appear in output
365
+
366
+ - Literal Salesforce org IDs (15 or 18 characters starting with `00D`)
367
+ - Literal user IDs (starting with `005`)
368
+ - Literal profile or permission set IDs (starting with `00e`)
369
+ - Hardcoded ID values from field defaults or formula expressions — describe pattern and location only
370
+ - Email addresses from field defaults
371
+ - Phone numbers from field defaults
372
+ - URL-embedded credentials (stop condition — no partial output)
373
+ - Named Credential header values (stop condition — no partial output)
374
+ - API keys, tokens, or high-entropy secrets from field defaults
375
+ - Apex source code lines containing session ID exfiltration patterns (escalate before sharing)
376
+
377
+ ---
378
+
379
+ ## Sanitization Verification Checklist
380
+
381
+ Before emitting any output, confirm:
382
+
383
+ - [ ] All org ID patterns (`00D...`) have been replaced with `<org_id_placeholder>`
384
+ - [ ] All user ID patterns (`005...`) have been replaced with `<user_id_placeholder>`
385
+ - [ ] All profile/permission set ID patterns (`00e...`) have been replaced with `<profile_id_placeholder>`
386
+ - [ ] All field default values have been scanned for email, phone, and token patterns
387
+ - [ ] All URL-embedded credential patterns have been checked — if found, stop and do not emit
388
+ - [ ] All Named Credential header value patterns have been checked — if found, stop and do not emit
389
+ - [ ] Encrypted field markers (Shield PE, PMLE) have been identified and those fields skipped
390
+ - [ ] Apex class bodies (if retrieved) have been scanned for session ID exfiltration patterns
391
+ - [ ] All redaction and skip events have been documented in `skip_reasons` or `encrypted_fields_skipped`
392
+ - [ ] `sanitization_applied: true` is set in the audit envelope
package/skills/salesforce/salesforce-metadata-review-skill/SKILL.md ADDED
@@ -0,0 +1,148 @@
1
+ ---
2
+ name: salesforce-metadata-review-skill
3
+ description: Use this skill when pasted or exported Salesforce metadata must be reviewed for over-customization, unused fields, hardcoded IDs, and deprecated metadata types. Covers: objects, fields, layouts, page layouts, Lightning record pages, profiles, permission sets, and sharing rules. Trigger phrases: "review this Salesforce metadata", "check this object definition", "are there deprecated metadata types here", "find hardcoded IDs in this profile", "review this permission set export". Do not use when you need a full org posture assessment (use salesforce-org-assessment-skill), when you need a permission model deep-dive across topology (use salesforce-permission-model-review-skill), or when you need to review automation logic (use salesforce-flow-automation-review-skill). Works from pasted or exported metadata only; never requests live org access.
4
+ allowed-tools: Read Grep Glob
5
+ metadata:
6
+ author: "github: Raishin"
7
+ version: "0.1.0"
8
+ updated: "2026-05-20"
9
+ category: platform
10
+ lifecycle: experimental
11
+ ---
12
+
13
+ # Salesforce Metadata Review Skill
14
+
15
+ ## Purpose
16
+ This skill reviews pasted or exported Salesforce metadata for quality,
17
+ maintainability, security, and compliance indicators. It flags
18
+ over-customization, unused fields, hardcoded IDs, and deprecated metadata
19
+ types, and produces a structured findings report. It does not access live
20
+ orgs and does not authorize changes.
21
+
22
+ ## When to use
23
+ - A metadata export (objects, fields, layouts, profiles, permission sets,
24
+ sharing rules) needs review before a release.
25
+ - A code review has surfaced questions about the metadata surface.
26
+ - A technical debt assessment requires metadata-level findings.
27
+ - An audit requires documentation of deprecated or risky metadata patterns.
28
+
29
+ ## When not to use
30
+ - Full org posture assessment — use `salesforce-org-assessment-skill`.
31
+ - Permission topology review across profiles and permission set groups — use `salesforce-permission-model-review-skill`.
32
+ - Automation logic review (Flow XML, validation rules) — use `salesforce-flow-automation-review-skill`.
33
+ - Live production change review — use `salesforce-live-change-approval-protocol`.
34
+
35
+ ## Minimum payload (required inputs)
36
+ - One or more sanitized metadata exports: object XML, field definitions,
37
+ layout XML, profile XML, permission set XML, sharing rule XML, or equivalent.
38
+ - Metadata type(s) being reviewed.
39
+ - Context: release context, org type (production/sandbox placeholder), business use case.
40
+
41
+ ## Workflow
42
+ 1. **Object and field review**
43
+ - Identify fields with zero or low usage indicators (no referenced automation, no layout placement).
44
+ - Flag fields with hardcoded IDs in default values or formula expressions.
45
+ - Flag objects with excessive custom field counts (> configurable threshold).
46
+ - Identify deprecated field types (Text Area vs Rich Text Area misuse, currency without multi-currency awareness).
47
+ - Flag custom objects that duplicate standard object functionality.
48
+
49
+ 2. **Layout review**
50
+ - Page layouts: flag layouts with > configurable threshold components; flag required fields not aligned with business process.
51
+ - Lightning record pages
52
+ : flag components using hardcoded record IDs or hardcoded URLs.
53
+ - Flag layouts assigned to no profiles or permission sets (orphaned).
54
+
55
+ 3. **Profile and permission set review**
56
+ - Flag profiles with excessive object permissions (Create/Edit/Delete/ViewAll/ModifyAll on sensitive objects).
57
+ - Flag permission sets with duplicate coverage of profile permissions (redundant grants).
58
+ - Flag permission sets with no assignees (orphaned).
59
+ - Flag profiles granting API access without IP restrictions.
60
+
61
+ 4. **Sharing rule review**
62
+ - Identify sharing rules that effectively expose all records to a broad group.
63
+ - Flag criteria-based sharing rules with conditions that evaluate to always-true.
64
+ - Flag sharing rules on objects with OWD = Public Read/Write (redundant).
65
+
66
+ 5. **Deprecated metadata types**
67
+ - Flag use of: workflow rules, Process Builder
68
+ (deprecated),
69
+ legacy assignment rules (where Flow equivalent exists), Visualforce pages in Lightning context
70
+ without Lightning migration plan.
71
+
72
+ 6. **Hardcoded ID detection**
73
+ - Flag any string matching Salesforce ID patterns (15- or 18-character alphanumeric) in:
74
+ field defaults, formula fields, validation rule expressions, layout XML.
75
+
76
+ ## Evidence requirements
77
+ - Sanitized metadata XML or equivalent export; no credentials, session tokens, or customer data.
78
+ - If metadata contains what appears to be record-level data (not schema), decline and ask for schema-only.
79
+
80
+ ## Output format
81
+ ```
82
+ metadata_review_findings:
83
+ objects_and_fields:
84
+ - finding: [description]
85
+ severity: Critical | High | Medium | Low
86
+ evidence: [what in the metadata supports this]
87
+ recommendation: [brief]
88
+ layouts:
89
+ - finding: [description]
90
+ severity: [tier]
91
+ evidence: [...]
92
+ recommendation: [...]
93
+ profiles_and_permission_sets:
94
+ - finding: [description]
95
+ severity: [tier]
96
+ evidence: [...]
97
+ recommendation: [...]
98
+ sharing_rules:
99
+ - finding: [description]
100
+ severity: [tier]
101
+ evidence: [...]
102
+ recommendation: [...]
103
+ deprecated_metadata_types:
104
+ - type: [name]
105
+ usage: [where found]
106
+ migration_path: [recommended replacement]
107
+ hardcoded_ids:
108
+ - location: [metadata element]
109
+ pattern: [describe pattern, do not repeat the ID value]
110
+ recommendation: [use Custom Metadata, Custom Setting, or label instead]
111
+
112
+ summary:
113
+ total_findings: [count]
114
+ critical_count: [count]
115
+ high_count: [count]
116
+ escalation_gates_fired: [from salesforce-risk-taxonomy, or "none"]
117
+ assumptions: [list]
118
+ missing_evidence: [what would improve the review]
119
+ ```
120
+
121
+ ## Redaction rules
122
+ - Never request secrets, credentials, OAuth tokens, refresh tokens, session IDs, MFA seeds, customer PII.
123
+ - Sanitize org IDs, user IDs (replace with placeholders) before sharing in outputs.
124
+ - Do not repeat hardcoded ID values in output; describe the pattern and location only.
125
+
126
+ ## Privilege / data handling rules
127
+ - Metadata review is schema-level only; do not carry record-level data.
128
+ - Sharing rule findings involving PII objects escalate to salesforce-permission-model-review-skill.
129
+
130
+ ## Handoff rules
131
+ - Hands off to: salesforce-permission-model-review-skill (permission findings),
132
+ salesforce-flow-automation-review-skill (deprecated automation findings),
133
+ salesforce-org-assessment-skill (if full posture context is needed).
134
+ - If escalation gate fires: salesforce-case-capsule with escalation_required = true.
135
+ - Required handoff fields: matter_id, metadata_review_findings (summary), escalation_gates_fired.
136
+
137
+ ## Audit log fields
138
+ - matter_id, skill_id, skill_version, invoked_by, input_hash, evidence_quality, output_verdict, escalation_fired, timestamp
139
+
140
+ ## Stop conditions
141
+ - Metadata contains live credentials, record-level PII, or session tokens — stop and ask for sanitized version.
142
+ - Metadata is from a regulated-vertical org and compliance scope is unknown — flag and escalate.
143
+ - Hardcoded ID count is very high (systemic pattern) — escalate to salesforce-org-assessment-skill for full posture review.
144
+
145
+ ## Security notes
146
+ - Read-only static review of exported metadata; never requests live org access.
147
+ - Hardcoded ID values must not be repeated in output to avoid accidental leakage.
148
+ - Deprecated metadata flags are informational; migration requires human-authorized release planning.
package/skills/salesforce/salesforce-metadata-review-skill/metadata.json ADDED
@@ -0,0 +1,18 @@
1
+ {
2
+ "id": "salesforce-metadata-review-skill",
3
+ "name": "Salesforce Metadata Review Skill",
4
+ "type": "skill",
5
+ "provider": "salesforce",
6
+ "harnesses": ["codex", "claude-code", "cursor", "gemini", "kiro", "other"],
7
+ "summary": "Reviews pasted or exported Salesforce metadata (objects, fields, layouts, Lightning record pages, profiles, permission sets, sharing rules) for over-customization, unused fields, hardcoded IDs, and deprecated metadata types, producing a structured findings report.",
8
+ "source_type": "original",
9
+ "official_docs": [
10
+ "https://help.salesforce.com/",
11
+ "https://developer.salesforce.com/docs"
12
+ ],
13
+ "security_notes": "Read-only static review; sanitized metadata exports only; never requests live org credentials or API access. Hardcoded ID values not repeated in output. Regulated-vertical findings escalated to compliance specialist.",
14
+ "last_verified": "2026-05-20",
15
+ "path": "skills/salesforce/salesforce-metadata-review-skill",
16
+ "author": "github: Raishin",
17
+ "version": "0.1.0"
18
+ }